Songbird.Media.Player.DoS
Description
This indicates an attempt to exploit a denial-of-service vulnerability in Songbird Media Player.
The vulnerability is a result of a format-string error in the Unicode converter that occurs when processing extended ASCII. A remote attacker can exploit this to consume all available CPU resources and cause a victim's system to crash, by creating a malformed M3U playlist file and persuading a victim to load it.
Affected Products
Songbird Media Player 0.2 and earlier.
Impact
Denial of service
Recommended Actions
We are not aware of any officially supplied patch at this time. Please check the Songbirdnest.com web site for updates: http://www.songbirdnest.com/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-09-26 | 13.458 |