PT-2014-2738 · Jogamp+1 · Joal+2

Publicado

2014-06-13

·

Atualizado

2014-06-18

·

CVE-2013-4099

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions JOGAMP version 2.0-rc11
Description The issue concerns multiple unspecified vulnerabilities in OpenAL32.dll in JOAL 2.0-rc11, as used in JOGAMP. These vulnerabilities allow context-dependent attackers to execute arbitrary code via a crafted parameter to various methods in the jogamp.openal.ALImpl.dispatch class. The affected methods include alAuxiliaryEffectSlotf, alBuffer3f, alBufferfv, alDeleteEffects, alEffectf, alEffectfv, alEffectiv, alEnable, alFilterfv, alFilteriv, alGenAuxiliaryEffectSlots, alGenEffects, alGenFilters, alGenSources, alGetAuxiliaryEffectSlotiv, alGetBuffer3f, alGetBuffer3i, alGetBufferf, alGetBufferiv, alGetDoublev, alGetEffectf, alGetEffectfv, alGetEffectiv, alGetEnumValue, alGetFilteri, alGetFilteriv, alGetFloat, alGetFloatv, alGetListener3f, alGetListener3i, alGetListenerf, alGetListeneri, alGetListeneriv, alGetProcAddress, alGetProcAddressStatic, alGetSource3f, alGetSource3i, alGetSourcef, alGetSourcefv, alGetSourcei, alGetSourceiv, alGetString, alIsAuxiliaryEffectSlot, alIsBuffer, alIsEffect, alIsExtensionPresent, alIsFilter, alListener3f, alListener3i, alListenerf, alListenerfv, alListeneri, alListeneriv, alSource3f, alSource3i, alSourcef, alSourcefv, alSourcei, alSourceiv, alSourcePause, alSourcePausev, alSourcePlay, alSourcePlayv, alSourceQueueBuffers, alSourceRewindv, alSourceStop, alSourceStopv, alSourceUnqueueBuffers, or alSpeedOfSound.
Recommendations As a temporary workaround, consider disabling the affected methods in the jogamp.openal.ALImpl.dispatch class until a patch is available. Restrict access to the vulnerable OpenAL32.dll module to minimize the risk of exploitation. Avoid using crafted parameters to the affected methods in the vulnerable version of JOGAMP. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CVE-2013-4099

Produtos afetados

Joal
Jogamp
Openal32.Dll