Notified:  May 22, 2003 Updated: December 23, 2003

Status

Affected

Vendor Statement

To exploit this vulnerability, a malicious user would need to first place a specially-crafted file onto the server, then execute the MP3Broadcaster utility. This requires a user account, and the way to address the issue is to only provide user accounts to trusted individuals. Exploiting the vulnerability does not result in elevated privileges.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.