Buffer Overflow in Kaffeine and gxine Allows Remote Code Execution

Buffer Overflow in Kaffeine and gxine Allows Remote Code Execution

CVE-2004-1034 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.

Learn more about our Web Application Penetration Testing UK.