VULHUB ™

Alsaplayer is a PCM player that utilizes the ALSA libraries and drivers. It is availabe for Linux and Unix platforms. A vulnerability has been discovered in Alsaplayer. By specifying an overly long "add-on path", it is possible for an attacker to overrun the buffer, potentially allowing for execution of attacker-supplied code. It should be noted that although Alsaplayer is not installed setuid by default, it is common practice for users to add a setuid bit to obtain certain functionality.

Alsaplayer is a PCM player that utilizes the ALSA libraries and drivers. It is availabe for Linux and Unix platforms. A vulnerability has been discovered in Alsaplayer. By specifying an overly long "add-on path", it is possible for an attacker to overrun the buffer, potentially allowing for execution of attacker-supplied code. It should be noted that although Alsaplayer is not installed setuid by default, it is common practice for users to add a setuid bit to obtain certain functionality.