FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

grip -- CDDB response multiple matches buffer overflow vulnerability

Affected packages
grip < 3.2.0_7

Details

VuXML ID bcf27002-94c3-11d9-a9e0-0001020eed82
Discovery 2003-11-02
Entry 2005-03-14
Modified 2005-03-18

Joseph VanAndel reports that grip is vulnerability to a buffer overflow vulnerability when receiving more than 16 CDDB responses. This could lead to a crash in grip and potentially execution arbitrary code.

A workaround is to disable CDDB lookups.

References

Bugtraq ID 12770
CVE Name CVE-2005-0706
URL http://sourceforge.net/tracker/index.php?func=detail&aid=834724&group_id=3714&atid=103714

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.