CVE-2006-4197

Priority
Untriaged
Description
Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz
Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote
attackers to cause a denial of service (crash) or execute arbitrary code
via (1) a long Location header by the HTTP server, which triggers an
overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long
URL in RDF data, as demonstrated by a URL in an rdf:resource field in an
RDF XML document, which triggers overflows in many functions in
lib/rdfparse.c.
References
Package
Upstream:needs-triage
More Information

Updated: 2017-08-11 23:32:42 UTC (commit 13081)