PT-2009-6039 · Ots · Otsav Free+3
Stack
·
Publicado
2009-10-27
·
Atualizado
2017-09-19
·
CVE-2009-3812
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
OtsAV DJ trial version 1.85.64.0
OtsAV Radio trial version 1.85.64.0
OtsAV TV trial version 1.85.64.0
OtsAV Free version 1.77.001
Description
The issue is a heap-based buffer overflow that allows remote attackers to execute arbitrary code. This is achieved by using a long playlist in an Ots File List (.ofl) file.
Recommendations
For OtsAV DJ trial version 1.85.64.0, update to a version that fixes this issue.
For OtsAV Radio trial version 1.85.64.0, update to a version that fixes this issue.
For OtsAV TV trial version 1.85.64.0, update to a version that fixes this issue.
For OtsAV Free version 1.77.001, update to a version that fixes this issue.
As a temporary workaround, consider restricting the use of long playlists in .ofl files to minimize the risk of exploitation.
Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Otsav Dj
Otsav Free
Otsav Radio
Otsav Tv