2
Candidate: CVE-2006-4089
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4089
6
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier
7
allow remote attackers to cause a denial of service (application crash), or
8
have other unknown impact, via (1) a long Location field sent by a web
9
server, which triggers an overflow in the reconnect function in
10
reader/http/http.c; (2) a long URL sent by a web server when AlsaPlayer is
11
seeking a media file for the playlist, which triggers overflows in
12
new_list_item and CbUpdated in interface/gtk/PlaylistWindow.cpp; and (3) a
13
long response sent by a CDDB server, which triggers an overflow in
14
cddb_lookup in input/ccda/cdda_engine.c.
23
dapper_alsaplayer: ignored (reached end-of-life)
24
edgy_alsaplayer: needed (reached end-of-life)
25
feisty_alsaplayer: released (0.99.76-9)
26
gutsy_alsaplayer: released (0.99.76-9)
27
hardy_alsaplayer: released (0.99.76-9)
28
intrepid_alsaplayer: released (0.99.76-9)
29
jaunty_alsaplayer: released (0.99.76-9)
30
karmic_alsaplayer: released (0.99.76-9)
31
devel_alsaplayer: released (0.99.76-9)