Article ID : 00180857 / Last Modified : 16/08/2017Print

Sony Releases SonicStage CP (SonicStage Versions 4.0/4.1/4.2/4.3) Security Update Program


    Sony today announced the release of a security update program to address potential security vulnerability resulting from a buffer overflow in some versions of SonicStageCP music management software, announced on November 7, 2007. SonicStage users are requested to download the security update program in accordance with the following procedures.

    Version of SonicStage subjected to security update
    SonicStage CP (SonicStage Versions 4.0/4.1/4.2/4.3)
    *Upgraded SonicStage versions are also subjected to this security update.

    Description of update
    This security update program fixes a potential buffer overflow when importing certain malicious play list (m3u) files that could cause the above listed versions of SonicStage to crash and execute an arbitrary code.
    CVE-ID*: CVE-2007-5709
    Sony gives credit to Secunia for discovering and reporting this issue.

    Please access the links below to download the security update programs for the respective products.

    *CVE (Common Vulnerabilities and Exposures) is a vulnerabilities issue list identification number.