Vulnerability CVE-2011-2913: Information
Description
Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples.
Severity: MEDIUM (6.8)
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
48439 |
|
46043 |
|
[oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 | |
48434 |
|
FEDORA-2011-10503 | |
46032 |
|
FEDORA-2011-12370 | |
openSUSE-SU-2011:0943 | |
http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/ | |
GLSA-201203-16 | |
45131 |
|
45901 |
|
74210 | |
[oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 | |
http://jira.atheme.org/browse/AUDPLUG-394 | |
48979 | |
RHSA-2011:1264 | |
45658 |
|
USN-1255-1 | |
GLSA-201203-14 | |
46793 |
|
45742 |
|
48058 |
|
DSA-2415 | |
libmodplug-ams-code-execution(68985) | |
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef |