Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0051

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-0051
Last Modified 07 Mar 2011 09:29:13
Published 05 Apr 2006 06:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-0051

Summary

Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the http_peek function.

Vulnerable Systems

Application

  • Kaffeine Player 0.4.2

  • Kaffeine Player 0.4.3

  • Kaffeine Player 0.4.3b

  • Kaffeine Player 0.5 Rc1

  • Kaffeine Player 0.7.1


References

CONFIRM - http://www.kde.org/info/security/advisory-20060404-1.txt

SECUNIA - 19525

XF - kaffeine-http-peek-bo(25631)

VUPEN - ADV-2006-1229

UBUNTU - USN-268-1

BID - 17372

BUGTRAQ - 20060405 [Kaffeine Security Advisory] Heap based buffer overflow in http_peek()

SUSE - SUSE-SR:2006:008

GENTOO - GLSA-200604-04

DEBIAN - DSA-1023

SECTRACK - 1015863

SECUNIA - 19571

SECUNIA - 19557

SECUNIA - 19549

SECUNIA - 19542

SECUNIA - 19540

MANDRIVA - MDKSA-2006:065


Last Updated: 27 May 2016 10:41:30