Summary
This host is installed with Amarok Player for Linux and is prone to Multiple Vulnerabilities.
Impact
Successful exploitation will allow attacker to execute malicious arbitrary codes or can cause heap overflow in the context of the application.
Solution
Upgrade to the latest version 2.0.1.1
http://amarok.kde.org
Insight
Multiple flaws are due to integer overflow errors within the Audible::Tag::readTag function in src/metadata/audible/audibletag.cpp. This can be exploited via specially crafted Audible Audio files with a large nlen or vlen Tag value.
Affected
Amarok Player version prior to 2.0.1.1 on Linux
References
Severity
Classification
-
CVE CVE-2009-0135, CVE-2009-0136 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities