Buffer overflow in Radscan Network_audio_system

CVE-2013-4256

Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLi…

Vulnerability class: Buffer Overflow

EPSS: 0.007 (48.3th percentile) — read the EPSS interpretation.

Affected products

Radscan Network_audio_system — versions 1.9.3
Canonical Ubuntu_linux — versions 12.04, 12.10, 13.04
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secalert@redhat.com (mailing-list, x_refsource_MLIST, Patch)
secalert@redhat.com (mailing-list, x_refsource_MLIST, Exploit)
secalert@redhat.com (mailing-list, x_refsource_MLIST, Patch)
secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)
secalert@redhat.com (vendor-advisory, x_refsource_DEBIAN)
secalert@redhat.com (vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory, Vendor Advisory)