[原文]Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via a .pls or .m3u playlist that contains long File1 (filename) fields.
[CNNVD]Illustrate dBpowerAMP Music Converter and Audio Player缓冲区溢出漏洞(CNNVD-200412-726)
(1)MusicConverter.exe，(2)playlist.exe，和(3)dBpowerAMP Audio Player 2.0和dbPowerAmp Music Converter 10.0版本的amp.exe存在缓冲区溢出漏洞。远程攻击者借助包含超长File1（文件名）字段的.pls或者.m3u播放列表导致服务拒绝或者执行任意代码。
A remote overflow exists in dBpowerAMP Music Converter and Audio Player. The application fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted playlist file (*.pls or *.m3u), a remote attacker can cause arbitrary code execution or cause the applications to crash resulting in a loss of integrity and/or availability.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.