- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21620
- Проверка EDB
-
- Пройдено
- Автор
- LUCAS LUNDGREN
- Тип уязвимости
- DOS
- Платформа
- CGI
- CVE
- cve-2002-1028
- Дата публикации
- 2002-07-16
Код:
source: https://www.securityfocus.com/bid/5248/info
A vulnerability has been reported for Oddsock Song Requester 2.1.
The vulnerability occurs when an attacker makes a request to 'request.cgi' using a long value for the 'listpos' parameter. It is possible to cause Song Requester and WinAmp to crash. As this condition may be due to a buffer overflow, code execution should be considered a possibility.
Note: it was reported that the value for the 'psearch' parameter also causes a crash, however this could not be reproduced by SecurityFocus.
http://<musicserver>/request.cgi?listpos=999...999(9x256)- Источник
- www.exploit-db.com
