Monday, February 11, 2008

jetAudio ASX Parsing Buffer Overflow Vulnerability

jetAudio 7.x
clipped from
Laurent Gaffie has discovered a vulnerability in jetAudio, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the processing of ASX files. This can be exploited to cause a stack-based buffer overflow via an overly long URL contained inside an ASX file.

The vulnerability is confirmed in version 7.0.5. Other versions may also be affected.

Do not open untrusted ASX files.
 blog it
Post a Comment