Friday, March 2, 2012

multiple vulnerabilities in taglib

Dhanesh K. and I have uncovered multiple vulnerabilities that can be triggered in taglib, a library used by vlc, amarok and other players for metadata tag parsing.

Timeline :-
| Date | Stage |
| --- | --- |
| February 29th, March 3 | Vulnerability discovery, contacting main developers, filing launchpad bug (security bugs are private by default, unless made public later on). |
| March 4 | Ack from developer, asking us to post details to the taglib mailing list. Details posted to mailing list. |
| March 4 | 2 bugs patched, PoC ogg files sent for resolving the other two bugs |
| March 4 | Other bugs confirmed on latest release, however, does not crash on dev head. |
| March 4 | Request for CVE |
| March 6 | CVE-2012-1107 and CVE-2012-1108 assigned |
| March 27 | CVE-2012-1584 assigned |

Related links :-
LP bug
Taglib mailing list discussion
