Release DateJun 17, 2010 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a buffer-overflow vulnerability in Free MP3 CD Ripper.The vulnerability is caused by an error when the vulnerable software handles a malicious .wav file. It allows a remote attacker to execute arbitrary code via sending a crafted wav file. |
Affected ProductsFree MP3 CD Ripper 2.6 is vulnerable. Other versions may also be affected. |
Recommended ActionsDo not convert untrusted WAV files. |
Coverage IPS
VCM |
Reference/shttp://www.securityfocus.com/bid/39672 (BugTraq) |
