FreeBSD : amarok -- multiple vulnerabilities (6bb6188c-17b2-11de-ae4d-0030843d3802)
High Nessus Plugin ID 35999
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
Tobias Klein has reported some vulnerabilities in Amarok, which potentially can be exploited by malicious people to compromise a user's system.
Two integer overflow errors exist within the 'Audible::Tag::readTag()' function in src/metadata/audible/audibletag.cpp. These can be exploited to cause heap-based buffer overflows via specially crafted Audible Audio files.
Two errors within the 'Audible::Tag::readTag()' function in src/metadata/audible/audibletag.cpp can be exploited to corrupt arbitrary memory via specially crafted Audible Audio files.
SolutionUpdate the affected package.