MDKSA-2006:117-1
- Package name
- libmms
- Date
- 2006-07-12
- Advisory ID
- MDKSA-2006:117-1
- Affected versions
- 2006.0 i586 , 2006.0 x86_64
Problem description
Stack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to cause
a denial of service (application crash) and possibly execute arbitrary code
via the (1) send_command, (2) string_utf16, (3) get_data, and (4)
get_media_packet functions, and possibly other functions. Libmms uses the
same vulnerable code.
Update:
The previous update for libmms had an incorrect/incomplete patch. This
update includes a more complete fix for the issue.
Updated packages
2006.0 i586
e9fd0a2b5764917cfaf2e9bf45af2e5d 2006.0/RPMS/libmms0-0.1-1.2.20060mdk.i586.rpm b556179bdc4842b0cc923346494dadce 2006.0/RPMS/libmms0-devel-0.1-1.2.20060mdk.i586.rpm a539ad416a9f9b1252fa12e5b2c29b60 2006.0/SRPMS/libmms-0.1-1.2.20060mdk.src.rpm
2006.0 x86_64
2a16fb87e7c00d2246f5f0716d6451eb x86_64/2006.0/RPMS/lib64mms0-0.1-1.2.20060mdk.x86_64.rpm b2775f1f51106cfdb390627a455c3c28 x86_64/2006.0/RPMS/lib64mms0-devel-0.1-1.2.20060mdk.x86_64.rpm a539ad416a9f9b1252fa12e5b2c29b60 x86_64/2006.0/SRPMS/libmms-0.1-1.2.20060mdk.src.rpm