From: Dirk Mueller <mueller@kde.org.>
To: [email protected]Subject: [Kaffeine Security Advisory] Heap based buffer overflow in http_peek()
Date: Wed, 5 Apr 2006 02:46:46 +0200
User-Agent: KMail/1.9.1
Cc: [email protected]
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200604050246.46814.mueller@kde.org.>
X-Virus-Scanned: antivirus-gw at tyumen.ru
Kaffeine buffer overflow in http_peek()
Original Release Date: 2006-04-04
URL: http://www.kde.org/info/security/advisory-20060404-1.txt
0. References
CVE-2006-0051
1. Systems affected:
Kaffeine 0.4.2 up to including Kaffeine 0.7.1. Kaffeine
0.8.0 not affected.
2. Overview:
Kaffeine can produce a buffer overflow in http_peek() while
creating HTTP request headers for fetching remote playlists,
which under certain circumstances could be used to crash the
application and/or execute arbitrary code.
3. Impact:
Remotely supplied playlists can be used to execute arbitrary
code on the local machine.
4. Solution:
Source code patches have been made available which fix these
vulnerabilities. Contact your OS vendor / binary package provider
for information about how to obtain updated binary packages.
5. Patch:
Patch for Kaffeine 0.7.x is available from
ftp://ftp.kde.org/pub/kde/security_patches :
45cdf59fc1d9d94b045915e9583187d8 kaffeine-0.7.x-CVE-2006-0051.patch
Patch for Kaffeine 0.5.x is available from
ftp://ftp.kde.org/pub/kde/security_patches :
86109b6919cc2984f85dc6a463627c50 kaffeine-0.5.x-CVE-2006-0051.patch
Patch for Kaffeine 0.4.x is available from
ftp://ftp.kde.org/pub/kde/security_patches :
feb69d70388b0a4745b29a644a3f7779 kaffeine-0.4.x-CVE-2006-0051.patch
6. Credits:
We'd like to thank Marcus Meissner for discovering and reporting
the issue.
