Rhythmbox Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Rhythmbox Vulnerability
From: jplopezy@xxxxxxxxx
Date: 26 Jun 2008 04:14:31 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Application: Rhythmbox 0.11.5
OS: Linux - Ubuntu 8.04
------------------------------------------------------
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
------------------------------------------------------
Description

Rhythmbox is a renowned player of mp3 files that comes bundled in ubuntu.
What makes this vulnerability so dangerous is that it comes as default in ubuntu
is quite possible that creating malicious file is opened with this player.

------------------------------------------------------
Vulnerability

The vulnerability works when a file of reproduction specially trained is 
created this causes the program to break.

Analyzing in more detail the failure with a debugger you can see the flaw in 
the segment but you cannot see precisely which function fails.

0x0844a767 in? ()

------------------------------------------------------
POC/EXPLOIT

For a proof of concept you should create a file with the extension of 
reproduction (pls) and put the following content.

[playlist]
X-GNOME-Title=
Title= A * 1475
NumberOfEntries=0

------------------------------------------------------
Juan Pablo Lopez Yacubian

Prev by Date: Evolution Vulnerability
Next by Date: [USN-620-1] OpenSSL vulnerabilities
Previous by thread: Evolution Vulnerability
Next by thread: Re: Rhythmbox Vulnerability
Index(es):
- Date
- Thread