1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Digital Music Pad .pls File Remote Buffer Overflow Vulnerability

Attack: Digital Music Pad .pls File Remote Buffer Overflow Vulnerability

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a stack-based buffer overflow vulnerability in Digital Music Pad which could result in remote code execution.

Additional Information

Digital Music Pad is an audio toolkit for the Windows operating system.

The application is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Specifically, this issue occurs when parsing a specially crafted '.pls' file.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the vulnerable application. Failed attacks will cause denial-of-service conditions.

Affected

  • Digital Music Pad 8.2.3.3.4 is vulnerable; other versions may also be affected.

Response


Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube