Info

Disclosure

Jul 20, 2009

Discovery

Unknown

Dates

Exploit

Jul 20, 2009

Solution

Unknown

Description

Acoustica MP3 Audio Mixer is prone to an overflow condition. The program fails to perform adequate boundary checks when importing M3U playlists, resulting in a heap overflow. With a specially crafted M3U file, a context-dependent attacker can potentially cause arbitrary code execution.

Classification

Location: Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: Uncoordinated Disclosure

Solution

Products

Unknown or Incomplete

References

CVE ID: 2009-3810 (see also: NVD)
Secunia Advisory ID: 35902
ISS X-Force ID: 51868
Milw0rm: 9213
Exploit Database: 9213
Other Advisory URL: http://www.vupen.com/english/advisories/2009/1958

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/56033