Gracenote: Security Vulnerabilities
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
CVSS Score
9.8
EPSS Score
0.012
Published
2018-03-29
Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters.
CVSS Score
9.3
EPSS Score
0.135
Published
2007-04-24
Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string.
CVSS Score
9.3
EPSS Score
0.431
Published
2006-06-27
Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message.
CVSS Score
7.5
EPSS Score
0.011
Published
1996-11-26