Sony's SonicStage CP contains playlist security hole

We've never had much love for Sony's SonicStage software, and now it looks like there's yet another reason to avoid it: according to Secunia, there's a buffer overflow vulnerability in the latest edition, version 4.3, that allows arbitrary code to be injected and run. The bug is triggered by .m3u playlists that contain over 1000 characters and there are already sample exploits floating around, so those of you still rocking the ATRAC action may want to avoid downloaded playlists until things get patched up.

[Via Heise Security]