CVE-2002-1896

Name of the Vulnerable Software and Affected Versions Alsaplayer version 0.99.71

Description A buffer overflow issue exists, allowing local users to execute arbitrary code when the software is installed setuid root. This can be achieved by providing a long command line argument, specifically with the -f or -o options.

Recommendations For Alsaplayer version 0.99.71, consider removing the setuid root installation to prevent exploitation until a patch is available. As a temporary workaround, restrict the use of the -f and -o command line arguments to minimize the risk of arbitrary code execution.