jetAudio ASX Parsing Buffer Overflow Vulnerability

jetAudio 7.x

clipped from secunia.com Description: Laurent Gaffie has discovered a vulnerability in jetAudio, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the processing of ASX files. This can be exploited to cause a stack-based buffer overflow via an overly long URL contained inside an ASX file. The vulnerability is confirmed in version 7.0.5. Other versions may also be affected. Solution: Do not open untrusted ASX files.