CVE-2012-0270

Csound <5.16.6 - Buffer Overflow

Title source: llm

Description

Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbitrary code via a crafted (1) hetro file to the getnum function in util/heti_main.c or (2) PVOC file to the getnum function in util/pv_import.c.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/18710

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Secunia, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/csound_getnum_bof.rb

View Code ZIP pw:eip

References (5)

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00027.html

[Mailing List] http://lists.opensuse.org/opensuse-updates/2012-03/msg00027.html

[Vendor Advisory] http://secunia.com/advisories/47585

[Vendor Advisory] http://secunia.com/secunia_research/2012-3/

[Vendor Advisory] http://sourceforge.net/projects/csound/files/csound5/csound5.16/Version5.16_Notes/view

Scores

EPSS 0.7545

EPSS Percentile 98.9%

Details

CWE

CWE-119

Status published

Products (9)

csounds/csound 5.12.4

csounds/csound 5.13.0

csounds/csound 5.13.1

csounds/csound 5.14.0

csounds/csound 5.14.1

csounds/csound 5.14.2

csounds/csound 5.15.0

csounds/csound 5.16

csounds/csound < 5.16.1

Published Feb 17, 2014

Tracked Since Feb 18, 2026