CVE-2008-7185

Description

GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of service (segmentation fault and crash) via a playlist (.pls) file with a long Title field, possibly related to the g_hash_table_lookup function in b-playlist-manager.c.

How to fix CVE-2008-7185

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

• Debian/rhythmbox—no fix listed

Is CVE-2008-7185 being exploited?

Low — EPSS is 1.4%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2008-7185