Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 258597 - <media-sound/audacity-1.3.6 Stack-based buffer overflow (CVE-2009-0490)
Summary: <media-sound/audacity-1.3.6 Stack-based buffer overflow (CVE-2009-0490)
Status: RESOLVED DUPLICATE of bug 253493
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [ebuild]
Depends on:
Reported: 2009-02-11 13:03 UTC by Stefan Behte (RETIRED)
Modified: 2009-02-11 17:52 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-02-11 13:03:26 UTC
CVE-2009-0490 (
  Stack-based buffer overflow in the String_parse::get_nonspace_quoted
  function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other
  versions before 1.3.6 allows remote attackers to cause a denial of
  service (crash) and possibly execute arbitrary code via a .gro file
  containing a long string.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2009-02-11 17:52:21 UTC

*** This bug has been marked as a duplicate of bug 253493 ***