CVE-2006-4131

Name of the Vulnerable Software and Affected Versions ArcSoft MMS Composer versions 1.5.5.6 and earlier ArcSoft MMS Composer versions 2.0.0.13 and earlier

Description The issue is related to multiple buffer overflows that can be triggered by crafted MMS messages. These overflows occur in the (1) M-Notification.ind, (2) M-Retrieve.conf (Header and Body), or (3) SMIL parsers, allowing remote attackers to cause a denial of service (crash) or execute arbitrary code.

Recommendations For ArcSoft MMS Composer versions 1.5.5.6 and earlier, consider disabling the M-Notification.ind, M-Retrieve.conf, and SMIL parsers until a patch is available. For ArcSoft MMS Composer versions 2.0.0.13 and earlier, consider disabling the M-Notification.ind, M-Retrieve.conf, and SMIL parsers until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.