Computer Security
[EN] securityvulns.ru no-pyccku


libmodplug library multiple security vulnerabilities
Published:07.05.2009
Source:
SecurityVulns ID:9897
Type:library
Threat Level:
5/10
Description:Buffer overflow on .PAT and .MED files parsing.
Affected:LIBMODPLUG : libmodplug 0.8
 LIBMODPLUG : libmodplug 0.7
CVE:CVE-2009-1438 (Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted (1) song comment or (2) song name, which triggers a heap-based buffer overflow.)
Original documentdocumentUBUNTU, [USN-771-1] libmodplug vulnerabilities (07.05.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod