indeego Posted October 30, 2007 Report Share Posted October 30, 2007 source http://www.heise-security.co.uk/news/98181Sony's SonicStage CP allows code injectionSony uses SonicStage CP software for loading its MP3 players. However, the application processes crafted playlists incorrectly, so that attackers can inject and execute external code.According to a security advisory from Secunia, the security vulnerability was discovered by Parvez Anwar. If a .m3u playlist contains an entry with more than 1000 characters, a buffer overflow can occur. A sample program which is meant to demonstrate the vulnerability has now appeared on milw0rm.The bug apparently affects the current version 4.3 of SonicStage CP and possibly previous versions. No update is yet available, so users of this software should not open .m3u playlists for the time being.# Sample program demonstrating the vulnerability on milw0rm# Sony CONNECT Player M3U Playlist Processing Buffer Overflow, security advisory from Secunia Quote Link to comment Share on other sites More sharing options...
bobt Posted October 31, 2007 Report Share Posted October 31, 2007 Thanks a lot, don't have any m3u's so lucky so far I guessBob Quote Link to comment Share on other sites More sharing options...
Avrin Posted October 31, 2007 Report Share Posted October 31, 2007 The easiest way to avoid any problems is to never use M3Us from an unknown source. Or to check them using a text editor, such as Notepad, for the presence of any strings longer than 1000 symbols. Actually, there shouldn't be any strings longer than about 100 symbols, and those are for songs with really long names. Quote Link to comment Share on other sites More sharing options...
indeego Posted December 6, 2007 Author Report Share Posted December 6, 2007 There is now a fix to this problem. Quote Link to comment Share on other sites More sharing options...
A440 Posted December 6, 2007 Report Share Posted December 6, 2007 Pardon me for asking, but does it break anything else? Security programs can have tricky interactions. I might feel that I'm better off just deleting unsolicited .m3u files. Quote Link to comment Share on other sites More sharing options...
indeego Posted December 6, 2007 Author Report Share Posted December 6, 2007 Well, not as far as I (and hopefully Sony) know(s) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.