Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kaffeine | kaffeine_player | 0.4.3b |
| xine | gxine | 0.3 |
| kaffeine | kaffeine_player | 0.4.3 |
| kaffeine | kaffeine_player | 0.4.2 |
| kaffeine | kaffeine_player | 0.5_rc1 |
| gentoo | linux | * |
Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the http_peek function.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kaffeine | kaffeine_player | 0.4.3b |
| kaffeine | kaffeine_player | 0.7.1 |
| kaffeine | kaffeine_player | 0.4.3 |
| kaffeine | kaffeine_player | 0.4.2 |
| kaffeine | kaffeine_player | 0.5_rc1 |