PT-2007-5888 · Next Generation · Virtual Dj
0X58
·
Published
2007-09-06
·
Updated
2017-09-29
·
CVE-2007-4735
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Next Generation Software Virtual DJ (VDJ) version 5.0
Description:
The issue allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file. This is due to a buffer overflow.
Recommendations:
For Virtual DJ (VDJ) version 5.0, consider avoiding the use of long file paths in m3u files until a patch is available. As a temporary workaround, restrict the processing of m3u files with long paths to minimize the risk of exploitation.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Virtual Dj