Csound getnum() getnum Function Multiple Buffer Overflows
High Nessus Plugin ID 58989
SynopsisThe remote host has an application installed that is affected by multiple buffer overflow vulnerabilities.
DescriptionThe version of Csound installed on the remote Windows host is less than 5.16.6. As such, it is reportedly affected by multiple stack- based buffer overflows present in the getnum() function located in util/heti_main.c and util/pv_import.c
By tricking a user into opening a specially crafted file, an attacker may be able to execute arbitrary code subject to the user's privileges.
SolutionUpgrade to Csound version 5.16.6 or later.