PublicDate: 2006-08-17 21:04:00 UTC
Candidate: CVE-2006-4197
References:
 https://ubuntu.com/security/notices/USN-363-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4197
Description:
 Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz
 Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote
 attackers to cause a denial of service (crash) or execute arbitrary code
 via (1) a long Location header by the HTTP server, which triggers an
 overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long
 URL in RDF data, as demonstrated by a URL in an rdf:resource field in an
 RDF XML document, which triggers overflows in many functions in
 lib/rdfparse.c.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_libmusicbrainz-2.1: released (2.1.2-2ubuntu3.1)
edgy_libmusicbrainz-2.1: released (2.1.2-6ubuntu2)
feisty_libmusicbrainz-2.1: released (2.1.2-6ubuntu2)
upstream_libmusicbrainz-2.1: needs-triage