FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

yamt -- buffer overflow and directory traversal issues

Affected packages
yamt < 0.5_2


VuXML ID 99b5cfa5-d3d2-11d9-8ffb-00061bc2ad93
Discovery 2005-01-20
Entry 2005-06-03

Stanislav Brabec discovered errors in yamt's path name handling that lead to buffer overflows and directory traversal issues. When processing a file with a maliciously crafted ID3 tag, yamt might overwrite arbitrary files or possibly execute arbitrary code.

The SuSE package ChangeLog contains:


CVE Name CVE-2005-1846
CVE Name CVE-2005-1847