Article ID : 00182721 / Last Modified : 12/12/2017

SonicStage CP (SonicStage Versions 4.0/4.1/4.2/4.3) Security Update Program

Applicable Products and Categories of This Article

2007-11-07

Sony today announced the release of a security update program to address potential security vulnerability resulting from a buffer overflow in some versions of SonicStageCP® music management software, announced on November 7, 2007. SonicStage® users are requested to download the security update program in accordance with the following procedures.

Version of SonicStage® subjected to security update
SonicStage® CP (SonicStage® Versions 4.0/4.1/4.2/4.3)
*Upgraded SonicStage® versions are also subjected to this security update.

Description of update

This security update program fixes a potential buffer overflow when importing certain malicious play list (m3u) files that could cause the above listed versions of SonicStage® to crash and execute an arbitrary code.
CVE-ID*: CVE-2007-5709

Sony gives credit to Secunia for discovering and reporting this issue.

Please access the links below to download the security update programs for the respective products.

*CVE (Common Vulnerabilities and Exposures) is a vulnerabilities issue list identification number.