Vulnerabilities > CVE-2009-0475 - Numeric Errors vulnerability in Android Opencore 2.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Integer underflow in the Huffman decoding functionality (pvmp3_huffman_parsing.cpp) in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 33673 CVE(CAN) ID: CVE-2009-0475 OpenCORE是开放源码的多媒体解码子系统。 OpenCORE的pvmp3_huffman_parsing.cpp文件在Huffman解码期间存在整数下溢,导致在写入到堆分配缓冲区时出现错误的边界检查。如果用户受骗打开了恶意的mp3文件,就可以触发这个溢出,导致播放器崩溃或执行任意代码。 Android Open Source Project OpenCORE <= 2.0 厂商补丁: Android Open Source Project --------------------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://review.source.android.com/Gerrit#change target=_blank rel=external nofollow>http://review.source.android.com/Gerrit#change</a>,8815 |
| id | SSV:4740 |
| last seen | 2017-11-19 |
| modified | 2009-02-11 |
| published | 2009-02-11 |
| reporter | Root |
| title | OpenCORE pvmp3_huffman_parsing.cpp MP3文件解析整数下溢漏洞 |
References
- http://www.securityfocus.com/bid/33673
- http://www.ocert.org/advisories/ocert-2009-002.html
- http://www.securityfocus.com/archive/1/500750/100/0/threaded
- http://android.git.kernel.org/?p=platform/external/opencore.git%3Ba=commit%3Bh=7b466cd0ecfdba72c4cbd0f3a8c2001141376b0f
- http://review.source.android.com/Gerrit#change%2C8815