AlsaPlayer 0.99.x - Vorbis Input Plugin OGG Processing Remote Buffer Overflow Vulnerability



source: http://www.securityfocus.com/bid/25969/info


AlsaPlayer is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected application.

This issue affects versions prior to AlsaPlayer 0.99.80-rc3. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30648.ogg