Heap-based buffer overflow in the cddb_read_disc_data function in
cddb.c in libcdaudio 0.99.12p2 allows remote attackers to execute
arbitrary code via long CDDB data.
Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause
a denial of service (crash) and possibly execute arbitrary code by
causing the cddb lookup to return more matches than expected.
PR: 129050
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Approved by: novel@ (maintainer)
Security: http://www.vuxml.org/freebsd/bd730827-dfe0-11dd-a765-0030843d3802.html
bf29e3620d