Уязвимость CVE-2011-2911: Информация
Описание
Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow.
Важность: MEDIUM (6,8)
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
---|---|
http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/ | |
DSA-2415 | |
45131 |
|
[oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 | |
74208 | |
FEDORA-2011-12370 | |
USN-1255-1 | |
46793 |
|
[oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 | |
45901 |
|
http://jira.atheme.org/browse/AUDPLUG-394 | |
openSUSE-SU-2011:0943 | |
48434 |
|
FEDORA-2011-10503 | |
46032 |
|
45742 |
|
48058 |
|
48439 |
|
GLSA-201203-14 | |
48979 | |
RHSA-2011:1264 | |
46043 |
|
45658 |
|
GLSA-201203-16 | |
libmodplug-wav-bo(68983) | |
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=2d4c56de314ab13e4437bd8b609f0b751066eee8 |