Article ID : 00182721 / Last Modified : 11/07/2019

SonicStage CP (SonicStage Versions 4.0/4.1/4.2/4.3) Security Update Program

    2007-11-07

    Sony today announced the release of a security update program to address potential security vulnerability resulting from a buffer overflow in some versions of SonicStageCP® music management software, announced on November 7, 2007. SonicStage® users are requested to download the security update program in accordance with the following procedures.

    Version of SonicStage® subjected to security update
    SonicStage® CP (SonicStage® Versions 4.0/4.1/4.2/4.3)
    *Upgraded SonicStage® versions are also subjected to this security update.

    Description of update

    This security update program fixes a potential buffer overflow when importing certain malicious play list (m3u) files that could cause the above listed versions of SonicStage® to crash and execute an arbitrary code.
    CVE-ID*: CVE-2007-5709

    Sony gives credit to Secunia for discovering and reporting this issue.

    Please access the links below to download the security update programs for the respective products.

    *CVE (Common Vulnerabilities and Exposures) is a vulnerabilities issue list identification number.