Searching music software vulnerabilities

Avaya Argent Office 2.1 may allow remote attack

legitimate | providing | attackers | broadcast | HoldMusic | alternate | response | spoofing | server's | Office | remote | Argent | change | allow | Avaya | music | file | hold | TFTP | may |

Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file.


The Microsoft Windows Media Player 9.0 ActiveX

arbitrary | attackers | Microsoft | computer | execute | control | Windows | ActiveX | script | Player | remote | Local | Media | allow | zone | via | web | may |

The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.


Buffer overflow in (1) MusicConverter.exe, (2)

overflow | Buffer |

Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via a .pls or .m3u playlist that contains long File1 (filename) fields.


Music daemon (musicd) 0.0.3 and earlier allows

daemon | Music |

Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cause a denial of service (crash) by calling LOAD with a binary file as an argument, then calling SHOWLIST.


SQL injection vulnerability in process.php in 1

vulnerability | processphp | attackers | arbitrary | injection | parameter | commands | execute | AlbumID | allows | remote | 1-2-3 | music | store | SQL | via |

SQL injection vulnerability in process.php in 1-2-3 music store allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter.


Buffer overflow in Illustrate dBpowerAMP Music

Illustrate | dBpowerAMP | Converter | overflow | Buffer | Music |

Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and earlier, possibly including (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe, allows user-assisted attackers to cause a denial of service or execute arbitrary code via a .m3u playlist with a long entry, possibly involving large field names, as demonstrated by SecuBox.Labs.m3u. NOTE: this issue might be the same as the .m3u vulnerability in CVE-2004-1569, but if so, then CD:SF-LOC suggests creating a different identifier since the .m3u issue would affect different versions than the .pls issue.


Multiple SQL injection vulnerabilities in Sergi

vulnerabilities | attackers | injection | arbitrary | PHP-Nuke | commands | Multiple | earlier | execute | SergiDs | remote | module | Music | allow | via | SQL | Top | PR3 |

Multiple SQL injection vulnerabilities in SergiDs Top Music module 3.0 PR3 and earlier for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the (1) idartist, (2) idsong, and (3) idalbum parameters to modules.php.


Multiple buffer overflows in abc2ps before 1.3.

overflows | Multiple | before | abc2ps | buffer |

Multiple buffer overflows in abc2ps before 1.3.3 allow user-assisted attackers to execute arbitrary code via crafted ABC music files.


Multiple buffer overflows in the abcmidi-yaps t

abcmidi-yaps | translator | overflows | Multiple | abcmidi | buffer |

Multiple buffer overflows in the abcmidi-yaps translator in abcmidi Saturday, January 01, 2005, and other versions, allow remote attackers to execute arbitrary code via crafted ABC music files that trigger the overflows during translation into PostScript.


Multiple format string vulnerabilities in (a) O

vulnerabilities | Multiple | string | format |

Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earlier, (b) Beats of Rage (BOR) 1.0029 and earlier, and (c) Horizontal Shooter BOR (HOR) 2.0000 and earlier allow remote attackers to execute code via format string specifiers in configurations used in various mod files, as demonstrated by the (1) music identifier in data/scenes/intro.txt, which is not properly handled in the update function, and (2) background identifier in data/easy/1aeasy.txt, which is not properly handled in the shutdown function.


Heap-based buffer overflow in the it_read_envel

it_read_envelope | Bibliotheque | Heap-based | Universal | function | overflow | Dynamic | buffer | Music |

Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier and current CVS as of Sunday, July 16, 2006, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" (Impulse Tracker) file with an envelope with a large number of nodes.


Stack-based buffer overflow in the NCTAudioFile

NCTAudioFile2AudioFile | Stack-based | overflow | control | ActiveX | buffer |

Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; and (29) BearShare 6.0.2.26789.


admin/config.php in the music-on-hold module in

admin/configphp | administrators | metacharacters | authenticated | music-on-hold | arbitrary | parameter | commands | execute | freePBX | allows | module | remote | shell | del | via | 22x |

admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter.


Multiple stack-based buffer overflows in the Si

stack-based | overflows | Multiple | Digital | Mentor | buffer | Sienzo | Music |

Multiple stack-based buffer overflows in the Sienzo Digital Music Mentor (DMM) 2.6.0.4 ActiveX control (DSKernel2.dll) allow remote attackers to execute arbitrary code via a long argument to the (1) LockModules or (2) UnlockModule function.


Buffer overflow in the UnlockSupport function i

UnlockSupport | LockModules | ltmm15dll | subsystem | overflow | function | control | Digital | certain | ActiveX | Mentor | Buffer | Sienzo | Music |

Buffer overflow in the UnlockSupport function in the LockModules subsystem in a certain ActiveX control in ltmm15.dll in Sienzo Digital Music Mentor (DMM) 2.6.0.4 allows remote attackers to execute arbitrary code via a long string in the second argument, a different issue than CVE-2007-2564.


Cross-site scripting (XSS) vulnerability in sho

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in showown.php in GMTT Music Distro 1.2 allows remote attackers to inject arbitrary web script or HTML via the st parameter.


SQL injection vulnerability in process.php in E

vulnerability | processphp | CategoryID | attackers | arbitrary | injection | parameter | commands | execute | remote | Easybe | allows | 1-2-3 | Store | Music | SQL | via |

SQL injection vulnerability in process.php in Easybe 1-2-3 Music Store allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter.


Buffer overflow in Warzone 2100 Resurrection be

overflow | Warzone | Buffer |

Buffer overflow in Warzone 2100 Resurrection before 2.0.7 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long filename when setting background music.


Directory traversal vulnerability in index.php

register_globals | vulnerability | arbitrary | attackers | traversal | Directory | indexphp | execute | include | enabled | phpNuke | module | allows | remote | local | files | Music | Dance | via |

Directory traversal vulnerability in index.php in the Dance Music module for phpNuke, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in an ACCEPT_FILE array parameter to modules.php.


Software vulnerabilities results 1 to 20 of 20     
Page: 12