Ringtone Tools Buffer Overflow

Monday, December 20th, 2004
by Marc Erickson

Secunia Advisory: SA13547

Release Date: 2004-12-20

Critical: Moderately critical

Impact: System access

Where: From remote

Solution Status: Unpatched

Software: Ringtone Tools 2.x

Qiao Zhang has reported a vulnerability in Ringtone Tools, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to a boundary error in the “parse_emelody()” function. This can be exploited to cause a buffer overflow by tricking a user into opening a specially crafted eMelody file.

Successful exploitation allows execution of arbitrary code.

The vulnerability has been reported in version 2.22. Other versions may also be affected.

Solution:
Don’t open untrusted eMelody files.

Tags

Categories

Security

What Do You Think?

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense hard-earned information back to the community, stake a claim on your very own Lockergnome blog today! You can write about anything - no matter the topic. Sign-up to start blogging!

Health - Sep 5, 2008

Biophysical Method May Help To Recover Hearing

Armoured Fish Study Helps Strengthen Darwin’s Natural Selection Theory
Friday, September 5, 2008
National Guidelines Released For Earwax Removal
Friday, September 5, 2008
Engineers Create Bone That Blends Into Tendons
Thursday, September 4, 2008
Light Shed On Bonobo Language
Thursday, September 4, 2008
Memory Trick Shows Brain Organization
Thursday, September 4, 2008

Environment, Out Of This World - Sep 3, 2008

Antarctic Research Helps Shed Light On Climate Change On Mars

Jumping For Joy… And Stronger Bones
Wednesday, September 3, 2008
Genetic Link To Dry Macular Degeneration Found
Tuesday, September 2, 2008
What Could Happen To Offshore Drilling If Gustav Hits Gulf
Tuesday, September 2, 2008
Challenges And Prospects For An HIV Vaccine
Tuesday, September 2, 2008
New Giant Clam Species Offers Window Into Human Past
Monday, September 1, 2008

Health - Aug 28, 2008

Study Points To Potential New Use For Viagra

Carnegie Mellon Firefox Extension Thwarts Internet Eavesdropping
Wednesday, August 27, 2008
Future For Clean Energy Lies In ‘Big Bang’ Of Evolution
Wednesday, August 27, 2008
The Impact Of Computing On Scientific Advancement
Wednesday, August 27, 2008
Nano-Sized ‘Trojan Horse’ To Aid Nutrition
Tuesday, August 26, 2008
Low-Income? No Car? Expect To Pay More For Groceries
Tuesday, August 26, 2008

History - Aug 26, 2008

New Evidence Debunks ‘Stupid’ Neanderthal Myth

Air-Purifying Church Windows Early Nanotechnology
Monday, August 25, 2008
Research Shows Pollsters How The Undecided Will Vote
Monday, August 25, 2008
‘Can You See Me Now?’ Sign Language Over Cell Phones Comes To United States
Monday, August 25, 2008
One Sleepless Night Increases Dopamine In The Human Brain
Wednesday, August 20, 2008
Local File-Sharing Drastically Cuts Network Load
Wednesday, August 20, 2008

57 queries / 0.303 seconds.