The libmusicbrainz library is prone to multiple buffer-overflow vulnerabilities because the application fails to check the size of the data before copying it into a finite-sized internal memory buffer.

An attacker can exploit these issues to execute arbitrary code within the context of the application or to cause a denial-of-service condition.

Versions 2.1.2, SVN 8406, and prior are vulnerable to this issue; other versions may also be affected.

The libmusicbrainz (also known as mb_client or MusicBrainz Client Library) is a development library geared towards developers who wish to add MusicBrainz lookup capabilities to their applications.

Security Focus