Oddsock Song Requester 2.1 Buffer Overflow

vendor:

Song Requester

by:

SecurityFocus

7.5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Song Requester

Affected Version From: 2.1

Affected Version To: 2.1

Patch Exists: YES

Related CWE: N/A

CPE: /a:oddsock:song_requester:2.1

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows, Linux, Mac

2002

Oddsock Song Requester 2.1 Buffer Overflow

A vulnerability has been reported for Oddsock Song Requester 2.1, where an attacker can make a request to 'request.cgi' using a long value for the 'listpos' parameter, which can cause Song Requester and WinAmp to crash. This condition may be due to a buffer overflow, which could lead to code execution.

Mitigation:

Upgrade to the latest version of Oddsock Song Requester.

Source

Oddsock Song Requester 2.1 Buffer Overflow

Mitigation:

Exploit-DB raw data: