Songbird.Media.Player.DoS

description-logoDescription

This indicates an attempt to exploit a denial-of-service vulnerability in Songbird Media Player.
The vulnerability is a result of a format-string error in the Unicode converter that occurs when processing extended ASCII. A remote attacker can exploit this to consume all available CPU resources and cause a victim's system to crash, by creating a malformed M3U playlist file and persuading a victim to load it.

affected-products-logoAffected Products

Songbird Media Player 0.2 and earlier.

Impact logoImpact

Denial of service

recomended-action-logoRecommended Actions

We are not aware of any officially supplied patch at this time. Please check the Songbirdnest.com web site for updates: http://www.songbirdnest.com/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-09-26 13.458