Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2013-4234 (GCVE-0-2013-4234)

Vulnerability from nvd – Published: 2013-09-16 19:00 – Updated: 2024-08-06 16:38

Summary

Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://www.debian.org/security/2013/dsa-2751	vendor-advisoryx_refsource_DEBIAN
	http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-se…	x_refsource_MISC
	http://secunia.com/advisories/54388	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2013/08/10/3	mailing-listx_refsource_MLIST
	http://www.securityfocus.com/bid/61714	vdb-entryx_refsource_BID
	http://secunia.com/advisories/54695	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2013-07-24 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:38:01.767Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-2751",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2751"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
          },
          {
            "name": "54388",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54388"
          },
          {
            "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
          },
          {
            "name": "61714",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/61714"
          },
          {
            "name": "54695",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54695"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-07-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-29T18:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-2751",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2751"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
        },
        {
          "name": "54388",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54388"
        },
        {
          "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
        },
        {
          "name": "61714",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/61714"
        },
        {
          "name": "54695",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54695"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-4234",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-2751",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2751"
            },
            {
              "name": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/",
              "refsource": "MISC",
              "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
            },
            {
              "name": "54388",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54388"
            },
            {
              "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
            },
            {
              "name": "61714",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/61714"
            },
            {
              "name": "54695",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54695"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-4234",
    "datePublished": "2013-09-16T19:00:00.000Z",
    "dateReserved": "2013-06-12T00:00:00.000Z",
    "dateUpdated": "2024-08-06T16:38:01.767Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-4233 (GCVE-0-2013-4233)

Vulnerability from nvd – Published: 2013-09-16 19:00 – Updated: 2024-09-17 00:16

Summary

Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://www.debian.org/security/2013/dsa-2751	vendor-advisoryx_refsource_DEBIAN
	http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-se…	x_refsource_MISC
	http://secunia.com/advisories/54388	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2013/08/10/3	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/54695	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:38:01.693Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-2751",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2751"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
          },
          {
            "name": "54388",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54388"
          },
          {
            "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
          },
          {
            "name": "54695",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54695"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-09-16T19:00:00.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-2751",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2751"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
        },
        {
          "name": "54388",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54388"
        },
        {
          "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
        },
        {
          "name": "54695",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54695"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-4233",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-2751",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2751"
            },
            {
              "name": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/",
              "refsource": "MISC",
              "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
            },
            {
              "name": "54388",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54388"
            },
            {
              "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
            },
            {
              "name": "54695",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54695"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-4233",
    "datePublished": "2013-09-16T19:00:00.000Z",
    "dateReserved": "2013-06-12T00:00:00.000Z",
    "dateUpdated": "2024-09-17T00:16:36.871Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2915 (GCVE-0-2011-2915)

Vulnerability from nvd – Published: 2012-06-07 19:00 – Updated: 2024-08-06 23:15

Summary

Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/08/10/4	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://sourceforge.net/projects/modplug-xmms/file…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/45131	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/08/12/4	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46032	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/46793	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48439	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1255-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/48979	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/45901	third-party-advisoryx_refsource_SECUNIA
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2011-1264.html	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/46043	third-party-advisoryx_refsource_SECUNIA
	http://jira.atheme.org/browse/AUDPLUG-394	x_refsource_CONFIRM
	http://www.osvdb.org/74210	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/45658	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2011-08-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.655Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2011-12370",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
          },
          {
            "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
          },
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "name": "FEDORA-2011-10503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
          },
          {
            "name": "45131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45131"
          },
          {
            "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "46032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46032"
          },
          {
            "name": "libmodplug-csoundfile-code-exec(68987)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68987"
          },
          {
            "name": "46793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46793"
          },
          {
            "name": "48439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48439"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "USN-1255-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1255-1"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "48979",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48979"
          },
          {
            "name": "GLSA-201203-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
          },
          {
            "name": "45901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45901"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=16d7a78efe14d345a6c5b241f88422ad0ee483ea"
          },
          {
            "name": "RHSA-2011:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
          },
          {
            "name": "46043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46043"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://jira.atheme.org/browse/AUDPLUG-394"
          },
          {
            "name": "74210",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74210"
          },
          {
            "name": "45658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2011-12370",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
        },
        {
          "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
        },
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "name": "FEDORA-2011-10503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
        },
        {
          "name": "45131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45131"
        },
        {
          "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "46032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46032"
        },
        {
          "name": "libmodplug-csoundfile-code-exec(68987)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68987"
        },
        {
          "name": "46793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46793"
        },
        {
          "name": "48439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48439"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "USN-1255-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1255-1"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "48979",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48979"
        },
        {
          "name": "GLSA-201203-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
        },
        {
          "name": "45901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45901"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=16d7a78efe14d345a6c5b241f88422ad0ee483ea"
        },
        {
          "name": "RHSA-2011:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
        },
        {
          "name": "46043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46043"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://jira.atheme.org/browse/AUDPLUG-394"
        },
        {
          "name": "74210",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74210"
        },
        {
          "name": "45658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2915",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:15:31.655Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2914 (GCVE-0-2011-2914)

Vulnerability from nvd – Published: 2012-06-07 19:00 – Updated: 2024-08-06 23:15

Summary

Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/08/10/4	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://sourceforge.net/projects/modplug-xmms/file…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://www.osvdb.org/74211	vdb-entryx_refsource_OSVDB
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/45131	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/08/12/4	mailing-listx_refsource_MLIST
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46032	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46793	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/48439	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1255-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/48979	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/45901	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2011-1264.html	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/46043	third-party-advisoryx_refsource_SECUNIA
	http://jira.atheme.org/browse/AUDPLUG-394	x_refsource_CONFIRM
	http://secunia.com/advisories/45658	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2011-08-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.776Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2011-12370",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
          },
          {
            "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
          },
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "name": "74211",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74211"
          },
          {
            "name": "FEDORA-2011-10503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
          },
          {
            "name": "45131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45131"
          },
          {
            "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "46032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46032"
          },
          {
            "name": "46793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46793"
          },
          {
            "name": "libmodplug-dsm-code-execution(68986)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
          },
          {
            "name": "48439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48439"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "USN-1255-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1255-1"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "48979",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48979"
          },
          {
            "name": "GLSA-201203-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
          },
          {
            "name": "45901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45901"
          },
          {
            "name": "RHSA-2011:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
          },
          {
            "name": "46043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46043"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://jira.atheme.org/browse/AUDPLUG-394"
          },
          {
            "name": "45658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2011-12370",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
        },
        {
          "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
        },
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "name": "74211",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74211"
        },
        {
          "name": "FEDORA-2011-10503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
        },
        {
          "name": "45131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45131"
        },
        {
          "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "46032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46032"
        },
        {
          "name": "46793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46793"
        },
        {
          "name": "libmodplug-dsm-code-execution(68986)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
        },
        {
          "name": "48439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48439"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "USN-1255-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1255-1"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "48979",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48979"
        },
        {
          "name": "GLSA-201203-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
        },
        {
          "name": "45901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45901"
        },
        {
          "name": "RHSA-2011:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
        },
        {
          "name": "46043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46043"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://jira.atheme.org/browse/AUDPLUG-394"
        },
        {
          "name": "45658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2914",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:15:31.776Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2913 (GCVE-0-2011-2913)

Vulnerability from nvd – Published: 2012-06-07 19:00 – Updated: 2024-08-06 23:15

Summary

Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/08/10/4	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://sourceforge.net/projects/modplug-xmms/file…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/45131	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/08/12/4	mailing-listx_refsource_MLIST
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46032	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46793	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48439	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1255-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/48979	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/45901	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2011-1264.html	vendor-advisoryx_refsource_REDHAT
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/46043	third-party-advisoryx_refsource_SECUNIA
	http://jira.atheme.org/browse/AUDPLUG-394	x_refsource_CONFIRM
	http://www.osvdb.org/74210	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/45658	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2011-08-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.946Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2011-12370",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
          },
          {
            "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
          },
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "name": "FEDORA-2011-10503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
          },
          {
            "name": "45131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45131"
          },
          {
            "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "46032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46032"
          },
          {
            "name": "46793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46793"
          },
          {
            "name": "48439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48439"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "USN-1255-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1255-1"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "48979",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48979"
          },
          {
            "name": "GLSA-201203-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
          },
          {
            "name": "45901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45901"
          },
          {
            "name": "RHSA-2011:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
          },
          {
            "name": "libmodplug-ams-code-execution(68985)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
          },
          {
            "name": "46043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46043"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://jira.atheme.org/browse/AUDPLUG-394"
          },
          {
            "name": "74210",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74210"
          },
          {
            "name": "45658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2011-12370",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
        },
        {
          "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
        },
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "name": "FEDORA-2011-10503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
        },
        {
          "name": "45131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45131"
        },
        {
          "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "46032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46032"
        },
        {
          "name": "46793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46793"
        },
        {
          "name": "48439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48439"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "USN-1255-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1255-1"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "48979",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48979"
        },
        {
          "name": "GLSA-201203-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
        },
        {
          "name": "45901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45901"
        },
        {
          "name": "RHSA-2011:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
        },
        {
          "name": "libmodplug-ams-code-execution(68985)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
        },
        {
          "name": "46043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46043"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://jira.atheme.org/browse/AUDPLUG-394"
        },
        {
          "name": "74210",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74210"
        },
        {
          "name": "45658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2913",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:15:31.946Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2912 (GCVE-0-2011-2912)

Vulnerability from nvd – Published: 2012-06-07 19:00 – Updated: 2024-08-06 23:15

Summary

Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/08/10/4	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://sourceforge.net/projects/modplug-xmms/file…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/45131	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/08/12/4	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46032	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46793	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48439	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1255-1	vendor-advisoryx_refsource_UBUNTU
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/48979	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/45901	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2011-1264.html	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/46043	third-party-advisoryx_refsource_SECUNIA
	http://jira.atheme.org/browse/AUDPLUG-394	x_refsource_CONFIRM
	http://www.osvdb.org/74209	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/45658	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2011-08-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.904Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2011-12370",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
          },
          {
            "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
          },
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "name": "FEDORA-2011-10503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
          },
          {
            "name": "45131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45131"
          },
          {
            "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "46032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46032"
          },
          {
            "name": "46793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46793"
          },
          {
            "name": "48439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48439"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "USN-1255-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1255-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=f4e5295658fff000379caa122e75c9200205fe20"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "libmodplug-s3m-bo(68984)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68984"
          },
          {
            "name": "48979",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48979"
          },
          {
            "name": "GLSA-201203-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
          },
          {
            "name": "45901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45901"
          },
          {
            "name": "RHSA-2011:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
          },
          {
            "name": "46043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46043"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://jira.atheme.org/browse/AUDPLUG-394"
          },
          {
            "name": "74209",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74209"
          },
          {
            "name": "45658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2011-12370",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
        },
        {
          "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
        },
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "name": "FEDORA-2011-10503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
        },
        {
          "name": "45131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45131"
        },
        {
          "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "46032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46032"
        },
        {
          "name": "46793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46793"
        },
        {
          "name": "48439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48439"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "USN-1255-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1255-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=f4e5295658fff000379caa122e75c9200205fe20"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "libmodplug-s3m-bo(68984)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68984"
        },
        {
          "name": "48979",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48979"
        },
        {
          "name": "GLSA-201203-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
        },
        {
          "name": "45901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45901"
        },
        {
          "name": "RHSA-2011:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
        },
        {
          "name": "46043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46043"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://jira.atheme.org/browse/AUDPLUG-394"
        },
        {
          "name": "74209",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74209"
        },
        {
          "name": "45658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2912",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:15:31.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2911 (GCVE-0-2011-2911)

Vulnerability from nvd – Published: 2012-06-07 19:00 – Updated: 2024-08-06 23:15

Summary

Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/08/10/4	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://sourceforge.net/projects/modplug-xmms/file…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/45131	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/08/12/4	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46032	third-party-advisoryx_refsource_SECUNIA
	http://www.osvdb.org/74208	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/46793	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48439	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1255-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/48979	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://secunia.com/advisories/45901	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2011-1264.html	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/46043	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://jira.atheme.org/browse/AUDPLUG-394	x_refsource_CONFIRM
	http://secunia.com/advisories/45658	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2011-08-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.663Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2011-12370",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
          },
          {
            "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
          },
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "name": "FEDORA-2011-10503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
          },
          {
            "name": "45131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45131"
          },
          {
            "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "46032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46032"
          },
          {
            "name": "74208",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74208"
          },
          {
            "name": "46793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46793"
          },
          {
            "name": "48439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48439"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "USN-1255-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1255-1"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "48979",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48979"
          },
          {
            "name": "GLSA-201203-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=2d4c56de314ab13e4437bd8b609f0b751066eee8"
          },
          {
            "name": "45901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45901"
          },
          {
            "name": "RHSA-2011:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
          },
          {
            "name": "46043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46043"
          },
          {
            "name": "libmodplug-wav-bo(68983)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68983"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://jira.atheme.org/browse/AUDPLUG-394"
          },
          {
            "name": "45658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2011-12370",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
        },
        {
          "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
        },
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "name": "FEDORA-2011-10503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
        },
        {
          "name": "45131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45131"
        },
        {
          "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "46032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46032"
        },
        {
          "name": "74208",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74208"
        },
        {
          "name": "46793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46793"
        },
        {
          "name": "48439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48439"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "USN-1255-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1255-1"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "48979",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48979"
        },
        {
          "name": "GLSA-201203-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=2d4c56de314ab13e4437bd8b609f0b751066eee8"
        },
        {
          "name": "45901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45901"
        },
        {
          "name": "RHSA-2011:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
        },
        {
          "name": "46043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46043"
        },
        {
          "name": "libmodplug-wav-bo(68983)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68983"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://jira.atheme.org/browse/AUDPLUG-394"
        },
        {
          "name": "45658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2911",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:15:31.663Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-1761 (GCVE-0-2011-1761)

Vulnerability from nvd – Published: 2012-06-07 19:00 – Updated: 2024-08-06 22:37

Summary

Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/44870	third-party-advisoryx_refsource_SECUNIA
	http://www.osvdb.org/72157	vdb-entryx_refsource_OSVDB
	http://ubuntu.com/usn/usn-1148-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/44695	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://www.exploit-db.com/exploits/17222	exploitx_refsource_EXPLOIT-DB
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2011/0…	mailing-listx_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2011/05/02/1	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/44388	third-party-advisoryx_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_SUSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:37:25.759Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "name": "44870",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44870"
          },
          {
            "name": "72157",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/72157"
          },
          {
            "name": "USN-1148-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1148-1"
          },
          {
            "name": "44695",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44695"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "17222",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/17222"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "[oss-security] 20120502 Re: CVE request: libmodplugin stack-buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/05/02/19"
          },
          {
            "name": "[oss-security] 20120502 CVE request: libmodplugin stack-buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/05/02/1"
          },
          {
            "name": "44388",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44388"
          },
          {
            "name": "openSUSE-SU-2011:0551",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-06-07T19:00:00.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "name": "44870",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44870"
        },
        {
          "name": "72157",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/72157"
        },
        {
          "name": "USN-1148-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1148-1"
        },
        {
          "name": "44695",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44695"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "17222",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/17222"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "[oss-security] 20120502 Re: CVE request: libmodplugin stack-buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/05/02/19"
        },
        {
          "name": "[oss-security] 20120502 CVE request: libmodplugin stack-buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/05/02/1"
        },
        {
          "name": "44388",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44388"
        },
        {
          "name": "openSUSE-SU-2011:0551",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1761",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-04-19T00:00:00.000Z",
    "dateUpdated": "2024-08-06T22:37:25.759Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-1574 (GCVE-0-2011-1574)

Vulnerability from nvd – Published: 2011-05-09 22:00 – Updated: 2024-08-06 22:28

Summary

Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	https://www.ubuntu.com/usn/USN-1148-1/	vendor-advisoryx_refsource_UBUNTU
	http://openwall.com/lists/oss-security/2011/04/11/13	mailing-listx_refsource_MLIST
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091	x_refsource_CONFIRM
	https://www.sec-consult.com/files/20110407-0_libm…	x_refsource_MISC
	http://secunia.com/advisories/44870	third-party-advisoryx_refsource_SECUNIA
	http://openwall.com/lists/oss-security/2011/04/11/6	mailing-listx_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=695420	x_refsource_CONFIRM
	http://securitytracker.com/id?1025480	vdb-entryx_refsource_SECTRACK
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2011/dsa-2226	vendor-advisoryx_refsource_DEBIAN
	http://securityreason.com/securityalert/8243	third-party-advisoryx_refsource_SREASON
	https://rhn.redhat.com/errata/RHSA-2011-0477.html	vendor-advisoryx_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA

Date Public ?

2011-04-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:28:41.982Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-1148-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://www.ubuntu.com/usn/USN-1148-1/"
          },
          {
            "name": "[oss-security] 20110411 Re: CVE request for libmodplug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/04/11/13"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sec-consult.com/files/20110407-0_libmodplug_stackoverflow.txt"
          },
          {
            "name": "44870",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44870"
          },
          {
            "name": "[oss-security] 20110411 CVE request for libmodplug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/04/11/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695420"
          },
          {
            "name": "1025480",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025480"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commit%3Bh=aecef259828a89bb00c2e6f78e89de7363b2237b"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "DSA-2226",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2226"
          },
          {
            "name": "8243",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8243"
          },
          {
            "name": "RHSA-2011:0477",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2011-0477.html"
          },
          {
            "name": "MDVSA-2011:085",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:085"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-04-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T21:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-1148-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://www.ubuntu.com/usn/USN-1148-1/"
        },
        {
          "name": "[oss-security] 20110411 Re: CVE request for libmodplug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/04/11/13"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sec-consult.com/files/20110407-0_libmodplug_stackoverflow.txt"
        },
        {
          "name": "44870",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44870"
        },
        {
          "name": "[oss-security] 20110411 CVE request for libmodplug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/04/11/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695420"
        },
        {
          "name": "1025480",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025480"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commit%3Bh=aecef259828a89bb00c2e6f78e89de7363b2237b"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "DSA-2226",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2226"
        },
        {
          "name": "8243",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8243"
        },
        {
          "name": "RHSA-2011:0477",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2011-0477.html"
        },
        {
          "name": "MDVSA-2011:085",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:085"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1574",
    "datePublished": "2011-05-09T22:00:00.000Z",
    "dateReserved": "2011-04-05T00:00:00.000Z",
    "dateUpdated": "2024-08-06T22:28:41.982Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1513 (GCVE-0-2009-1513)

Vulnerability from nvd – Published: 2009-05-04 16:12 – Updated: 2024-08-07 05:13

Summary

Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.ubuntu.com/usn/USN-771-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/35736	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/34927	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2009/dsa-1850	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/bid/34747	vdb-entryx_refsource_BID
	http://modplug-xmms.cvs.sourceforge.net/viewvc/mo…	x_refsource_CONFIRM
	http://secunia.com/advisories/36158	third-party-advisoryx_refsource_SECUNIA
	http://sourceforge.net/tracker/?func=detail&aid=2…	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://osvdb.org/54109	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/35026	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2009/04/29/5	mailing-listx_refsource_MLIST
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-200907-07.xml	vendor-advisoryx_refsource_GENTOO
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://sourceforge.net/project/shownotes.php?rele…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/1200	vdb-entryx_refsource_VUPEN

Date Public ?

2009-04-21 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:13:25.667Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-771-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-771-1"
          },
          {
            "name": "35736",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35736"
          },
          {
            "name": "34927",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34927"
          },
          {
            "name": "DSA-1850",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1850"
          },
          {
            "name": "34747",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34747"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3\u0026r2=1.4"
          },
          {
            "name": "36158",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36158"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2777467\u0026group_id=1275\u0026atid=301275"
          },
          {
            "name": "MDVSA-2009:128",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:128"
          },
          {
            "name": "54109",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/54109"
          },
          {
            "name": "35026",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35026"
          },
          {
            "name": "[oss-security] 20090429 Re: CVE Request -- libmodplug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/04/29/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084"
          },
          {
            "name": "GLSA-200907-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200907-07.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms%3Ba=commitdiff%3Bh=c4ebb701be6ee9a296a44fdac5a20b7739ff0595"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/project/shownotes.php?release_id=678622\u0026group_id=1275"
          },
          {
            "name": "ADV-2009-1200",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1200"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-05-13T09:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-771-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-771-1"
        },
        {
          "name": "35736",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35736"
        },
        {
          "name": "34927",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34927"
        },
        {
          "name": "DSA-1850",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1850"
        },
        {
          "name": "34747",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34747"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3\u0026r2=1.4"
        },
        {
          "name": "36158",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36158"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2777467\u0026group_id=1275\u0026atid=301275"
        },
        {
          "name": "MDVSA-2009:128",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:128"
        },
        {
          "name": "54109",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/54109"
        },
        {
          "name": "35026",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35026"
        },
        {
          "name": "[oss-security] 20090429 Re: CVE Request -- libmodplug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/04/29/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084"
        },
        {
          "name": "GLSA-200907-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200907-07.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms%3Ba=commitdiff%3Bh=c4ebb701be6ee9a296a44fdac5a20b7739ff0595"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/project/shownotes.php?release_id=678622\u0026group_id=1275"
        },
        {
          "name": "ADV-2009-1200",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1200"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1513",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-771-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-771-1"
            },
            {
              "name": "35736",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35736"
            },
            {
              "name": "34927",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34927"
            },
            {
              "name": "DSA-1850",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1850"
            },
            {
              "name": "34747",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34747"
            },
            {
              "name": "http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3\u0026r2=1.4",
              "refsource": "CONFIRM",
              "url": "http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3\u0026r2=1.4"
            },
            {
              "name": "36158",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36158"
            },
            {
              "name": "http://sourceforge.net/tracker/?func=detail\u0026aid=2777467\u0026group_id=1275\u0026atid=301275",
              "refsource": "CONFIRM",
              "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2777467\u0026group_id=1275\u0026atid=301275"
            },
            {
              "name": "MDVSA-2009:128",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:128"
            },
            {
              "name": "54109",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/54109"
            },
            {
              "name": "35026",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35026"
            },
            {
              "name": "[oss-security] 20090429 Re: CVE Request -- libmodplug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/04/29/5"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084"
            },
            {
              "name": "GLSA-200907-07",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200907-07.xml"
            },
            {
              "name": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms;a=commitdiff;h=c4ebb701be6ee9a296a44fdac5a20b7739ff0595",
              "refsource": "CONFIRM",
              "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms;a=commitdiff;h=c4ebb701be6ee9a296a44fdac5a20b7739ff0595"
            },
            {
              "name": "http://sourceforge.net/project/shownotes.php?release_id=678622\u0026group_id=1275",
              "refsource": "CONFIRM",
              "url": "http://sourceforge.net/project/shownotes.php?release_id=678622\u0026group_id=1275"
            },
            {
              "name": "ADV-2009-1200",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1200"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1513",
    "datePublished": "2009-05-04T16:12:00.000Z",
    "dateReserved": "2009-05-04T00:00:00.000Z",
    "dateUpdated": "2024-08-07T05:13:25.667Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2013-4234

Vulnerability from fkie_nvd - Published: 2013-09-16 19:14 - Updated: 2026-04-29 01:13

Severity ?

Summary

Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.

References

URL	Tags
secalert@redhat.com	http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/	Exploit
secalert@redhat.com	http://secunia.com/advisories/54388	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/54695	Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2013/dsa-2751
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2013/08/10/3	Exploit
secalert@redhat.com	http://www.securityfocus.com/bid/61714
af854a3a-2127-422b-91ae-364da2661108	http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/54388	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/54695	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2013/dsa-2751
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2013/08/10/3	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/61714

Impacted products

Vendor	Product	Version
konstanty_bialkowski	libmodplug	*
konstanty_bialkowski	libmodplug	0.8
konstanty_bialkowski	libmodplug	0.8.4
konstanty_bialkowski	libmodplug	0.8.5
konstanty_bialkowski	libmodplug	0.8.6
konstanty_bialkowski	libmodplug	0.8.7
konstanty_bialkowski	libmodplug	0.8.8
konstanty_bialkowski	libmodplug	0.8.8.1
konstanty_bialkowski	libmodplug	0.8.8.2
konstanty_bialkowski	libmodplug	0.8.8.3
debian	debian_linux	6.0
debian	debian_linux	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28F70B42-70EB-46B7-8A42-BDB74DA89753",
              "versionEndIncluding": "0.8.8.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E90B264-B800-4D01-B9C6-1B1A97702F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7869CDE5-B184-42EB-B0D6-6E6164AA324A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5392B-E9CE-4092-BF72-5A661F1C20F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD56CB5-038F-45A9-AE9B-489186624232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E92586-2A99-45B5-8A78-5E35F1CF4FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6BFC6E-7932-49F7-A917-34B53474A4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5406CCC-DD17-402A-996C-A1CCA558F27B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "854AB57C-5B41-4B35-92B8-38E233F5991B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A42E9A3-02BB-4505-AFE4-E3A987B53C27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados en memoria din\u00e1mica en las funciones abc_MIDI_drum y abc_MIDI_gchord en libmodplug 0.8.8.4 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda)  y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una ABC manipulada."
    }
  ],
  "id": "CVE-2013-4234",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-09-16T19:14:39.007",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54388"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54695"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2013/dsa-2751"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/61714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54388"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54695"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2013/dsa-2751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/61714"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2013-4233

Vulnerability from fkie_nvd - Published: 2013-09-16 19:14 - Updated: 2026-04-29 01:13

Severity ?

Summary

Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow.

References

URL	Tags
secalert@redhat.com	http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/	Exploit
secalert@redhat.com	http://secunia.com/advisories/54388	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/54695	Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2013/dsa-2751
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2013/08/10/3	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/54388	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/54695	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2013/dsa-2751
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2013/08/10/3	Exploit

Impacted products

Vendor	Product	Version
konstanty_bialkowski	libmodplug	*
konstanty_bialkowski	libmodplug	0.8
konstanty_bialkowski	libmodplug	0.8.4
konstanty_bialkowski	libmodplug	0.8.5
konstanty_bialkowski	libmodplug	0.8.6
konstanty_bialkowski	libmodplug	0.8.7
konstanty_bialkowski	libmodplug	0.8.8
konstanty_bialkowski	libmodplug	0.8.8.1
konstanty_bialkowski	libmodplug	0.8.8.2
konstanty_bialkowski	libmodplug	0.8.8.3
debian	debian_linux	6.0
debian	debian_linux	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28F70B42-70EB-46B7-8A42-BDB74DA89753",
              "versionEndIncluding": "0.8.8.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E90B264-B800-4D01-B9C6-1B1A97702F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7869CDE5-B184-42EB-B0D6-6E6164AA324A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5392B-E9CE-4092-BF72-5A661F1C20F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD56CB5-038F-45A9-AE9B-489186624232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E92586-2A99-45B5-8A78-5E35F1CF4FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6BFC6E-7932-49F7-A917-34B53474A4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5406CCC-DD17-402A-996C-A1CCA558F27B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "854AB57C-5B41-4B35-92B8-38E233F5991B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A42E9A3-02BB-4505-AFE4-E3A987B53C27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n abc_set_parts de load_abc.cpp en libmodplug 0.8.8.4 y anteriores permite a un atacante remoto causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo a discrecci\u00f3n a trav\u00e9s de la cabecera P en un archivo ABC, lo que dispara un desbordamiento de memoria din\u00e1mica."
    }
  ],
  "id": "CVE-2013-4233",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-09-16T19:14:38.990",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54388"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54695"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2013/dsa-2751"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54388"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54695"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2013/dsa-2751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2011-2915

Vulnerability from fkie_nvd - Published: 2012-06-07 19:55 - Updated: 2026-04-29 01:13

Severity ?

Summary

Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments.

References

URL	Tags
secalert@redhat.com	http://jira.atheme.org/browse/AUDPLUG-394
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
secalert@redhat.com	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=16d7a78efe14d345a6c5b241f88422ad0ee483ea
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2011-1264.html
secalert@redhat.com	http://secunia.com/advisories/45131	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45658	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45742	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45901	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46032	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46043	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46793	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48058	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48434	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48439	Vendor Advisory
secalert@redhat.com	http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/
secalert@redhat.com	http://ubuntu.com/usn/usn-1255-1
secalert@redhat.com	http://www.debian.org/security/2012/dsa-2415
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/10/4
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/12/4
secalert@redhat.com	http://www.osvdb.org/74210
secalert@redhat.com	http://www.securityfocus.com/bid/48979
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/68987
af854a3a-2127-422b-91ae-364da2661108	http://jira.atheme.org/browse/AUDPLUG-394
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
af854a3a-2127-422b-91ae-364da2661108	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=16d7a78efe14d345a6c5b241f88422ad0ee483ea
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2011-1264.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45131	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45658	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45742	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45901	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46032	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46043	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46793	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48058	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48434	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48439	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/
af854a3a-2127-422b-91ae-364da2661108	http://ubuntu.com/usn/usn-1255-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2415
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/10/4
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/12/4
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/74210
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/48979
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/68987

Impacted products

Vendor	Product	Version
konstanty_bialkowski	libmodplug	*
konstanty_bialkowski	libmodplug	0.8
konstanty_bialkowski	libmodplug	0.8.4
konstanty_bialkowski	libmodplug	0.8.5
konstanty_bialkowski	libmodplug	0.8.6
konstanty_bialkowski	libmodplug	0.8.7
konstanty_bialkowski	libmodplug	0.8.8
konstanty_bialkowski	libmodplug	0.8.8.1
konstanty_bialkowski	libmodplug	0.8.8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "480F3134-72C6-49E1-A424-70712715E0B9",
              "versionEndIncluding": "0.8.8.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E90B264-B800-4D01-B9C6-1B1A97702F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7869CDE5-B184-42EB-B0D6-6E6164AA324A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5392B-E9CE-4092-BF72-5A661F1C20F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD56CB5-038F-45A9-AE9B-489186624232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E92586-2A99-45B5-8A78-5E35F1CF4FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6BFC6E-7932-49F7-A917-34B53474A4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5406CCC-DD17-402A-996C-A1CCA558F27B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "854AB57C-5B41-4B35-92B8-38E233F5991B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments."
    },
    {
      "lang": "es",
      "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en la funci\u00f3n CSoundFile::ReadAMS2 en src/load_ams.cpp en libmodplug antes de v0.8.8.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo AMS dise\u00f1ado con una gran n\u00famero de instrumentos."
    }
  ],
  "id": "CVE-2011-2915",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-06-07T19:55:04.633",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://jira.atheme.org/browse/AUDPLUG-394"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=16d7a78efe14d345a6c5b241f88422ad0ee483ea"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45131"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45658"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45901"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46032"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46043"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48439"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://ubuntu.com/usn/usn-1255-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/74210"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/48979"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68987"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jira.atheme.org/browse/AUDPLUG-394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=16d7a78efe14d345a6c5b241f88422ad0ee483ea"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-1255-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/74210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/48979"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68987"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2011-2912

Vulnerability from fkie_nvd - Published: 2012-06-07 19:55 - Updated: 2026-04-29 01:13

Severity ?

Summary

Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset.

References

URL	Tags
secalert@redhat.com	http://jira.atheme.org/browse/AUDPLUG-394
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
secalert@redhat.com	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=f4e5295658fff000379caa122e75c9200205fe20
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2011-1264.html
secalert@redhat.com	http://secunia.com/advisories/45131	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45658	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45742	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45901	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46032	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46043	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46793	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48058	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48434	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48439	Vendor Advisory
secalert@redhat.com	http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/
secalert@redhat.com	http://ubuntu.com/usn/usn-1255-1
secalert@redhat.com	http://www.debian.org/security/2012/dsa-2415
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/10/4
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/12/4
secalert@redhat.com	http://www.osvdb.org/74209
secalert@redhat.com	http://www.securityfocus.com/bid/48979
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/68984
af854a3a-2127-422b-91ae-364da2661108	http://jira.atheme.org/browse/AUDPLUG-394
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
af854a3a-2127-422b-91ae-364da2661108	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=f4e5295658fff000379caa122e75c9200205fe20
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2011-1264.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45131	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45658	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45742	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45901	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46032	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46043	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46793	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48058	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48434	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48439	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/
af854a3a-2127-422b-91ae-364da2661108	http://ubuntu.com/usn/usn-1255-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2415
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/10/4
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/12/4
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/74209
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/48979
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/68984

Impacted products

Vendor	Product	Version
konstanty_bialkowski	libmodplug	*
konstanty_bialkowski	libmodplug	0.8
konstanty_bialkowski	libmodplug	0.8.4
konstanty_bialkowski	libmodplug	0.8.5
konstanty_bialkowski	libmodplug	0.8.6
konstanty_bialkowski	libmodplug	0.8.7
konstanty_bialkowski	libmodplug	0.8.8
konstanty_bialkowski	libmodplug	0.8.8.1
konstanty_bialkowski	libmodplug	0.8.8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "480F3134-72C6-49E1-A424-70712715E0B9",
              "versionEndIncluding": "0.8.8.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E90B264-B800-4D01-B9C6-1B1A97702F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7869CDE5-B184-42EB-B0D6-6E6164AA324A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5392B-E9CE-4092-BF72-5A661F1C20F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD56CB5-038F-45A9-AE9B-489186624232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E92586-2A99-45B5-8A78-5E35F1CF4FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6BFC6E-7932-49F7-A917-34B53474A4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5406CCC-DD17-402A-996C-A1CCA558F27B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "854AB57C-5B41-4B35-92B8-38E233F5991B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer basado en pila en la funci\u00f3n CSoundFile::ReadS3M en src/load_s3m.cpp en libmodplug antes de v0.8.8.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo S3M dise\u00f1ado con un desplazamiento (offset) inv\u00e1lido."
    }
  ],
  "id": "CVE-2011-2912",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-06-07T19:55:04.367",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://jira.atheme.org/browse/AUDPLUG-394"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=f4e5295658fff000379caa122e75c9200205fe20"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45131"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45658"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45901"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46032"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46043"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48439"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://ubuntu.com/usn/usn-1255-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/74209"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/48979"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jira.atheme.org/browse/AUDPLUG-394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=f4e5295658fff000379caa122e75c9200205fe20"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-1255-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/74209"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/48979"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68984"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2011-2914

Vulnerability from fkie_nvd - Published: 2012-06-07 19:55 - Updated: 2026-04-29 01:13

Severity ?

Summary

Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples.

References

URL	Tags
secalert@redhat.com	http://jira.atheme.org/browse/AUDPLUG-394
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
secalert@redhat.com	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2011-1264.html
secalert@redhat.com	http://secunia.com/advisories/45131	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45658	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45742	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45901	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46032	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46043	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46793	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48058	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48434	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48439	Vendor Advisory
secalert@redhat.com	http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/
secalert@redhat.com	http://ubuntu.com/usn/usn-1255-1
secalert@redhat.com	http://www.debian.org/security/2012/dsa-2415
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/10/4
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/12/4
secalert@redhat.com	http://www.osvdb.org/74211
secalert@redhat.com	http://www.securityfocus.com/bid/48979
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/68985
af854a3a-2127-422b-91ae-364da2661108	http://jira.atheme.org/browse/AUDPLUG-394
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
af854a3a-2127-422b-91ae-364da2661108	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2011-1264.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45131	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45658	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45742	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45901	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46032	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46043	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46793	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48058	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48434	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48439	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/
af854a3a-2127-422b-91ae-364da2661108	http://ubuntu.com/usn/usn-1255-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2415
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/10/4
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/12/4
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/74211
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/48979
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/68985

Impacted products

Vendor	Product	Version
konstanty_bialkowski	libmodplug	*
konstanty_bialkowski	libmodplug	0.8
konstanty_bialkowski	libmodplug	0.8.4
konstanty_bialkowski	libmodplug	0.8.5
konstanty_bialkowski	libmodplug	0.8.6
konstanty_bialkowski	libmodplug	0.8.7
konstanty_bialkowski	libmodplug	0.8.8
konstanty_bialkowski	libmodplug	0.8.8.1
konstanty_bialkowski	libmodplug	0.8.8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "480F3134-72C6-49E1-A424-70712715E0B9",
              "versionEndIncluding": "0.8.8.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E90B264-B800-4D01-B9C6-1B1A97702F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7869CDE5-B184-42EB-B0D6-6E6164AA324A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5392B-E9CE-4092-BF72-5A661F1C20F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD56CB5-038F-45A9-AE9B-489186624232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E92586-2A99-45B5-8A78-5E35F1CF4FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6BFC6E-7932-49F7-A917-34B53474A4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5406CCC-DD17-402A-996C-A1CCA558F27B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "854AB57C-5B41-4B35-92B8-38E233F5991B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples."
    },
    {
      "lang": "es",
      "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one)  en la funci\u00f3n de CSoundFile::ReadDSM en src/load_dms.cpp en libmodplug antes de v0.8.8.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo DSM dise\u00f1ado con un gran n\u00famero de muestras."
    }
  ],
  "id": "CVE-2011-2914",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-06-07T19:55:04.557",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://jira.atheme.org/browse/AUDPLUG-394"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45131"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45658"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45901"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46032"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46043"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48439"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://ubuntu.com/usn/usn-1255-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/74211"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/48979"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jira.atheme.org/browse/AUDPLUG-394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-1255-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/74211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/48979"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2011-2911

Vulnerability from fkie_nvd - Published: 2012-06-07 19:55 - Updated: 2026-04-29 01:13

Severity ?

Summary

Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow.

References

URL	Tags
secalert@redhat.com	http://jira.atheme.org/browse/AUDPLUG-394
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
secalert@redhat.com	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=2d4c56de314ab13e4437bd8b609f0b751066eee8
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2011-1264.html
secalert@redhat.com	http://secunia.com/advisories/45131	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45658	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45742	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45901	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46032	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46043	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46793	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48058	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48434	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48439	Vendor Advisory
secalert@redhat.com	http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/
secalert@redhat.com	http://ubuntu.com/usn/usn-1255-1
secalert@redhat.com	http://www.debian.org/security/2012/dsa-2415
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/10/4
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/12/4
secalert@redhat.com	http://www.osvdb.org/74208
secalert@redhat.com	http://www.securityfocus.com/bid/48979
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/68983
af854a3a-2127-422b-91ae-364da2661108	http://jira.atheme.org/browse/AUDPLUG-394
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
af854a3a-2127-422b-91ae-364da2661108	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=2d4c56de314ab13e4437bd8b609f0b751066eee8
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2011-1264.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45131	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45658	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45742	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45901	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46032	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46043	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46793	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48058	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48434	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48439	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/
af854a3a-2127-422b-91ae-364da2661108	http://ubuntu.com/usn/usn-1255-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2415
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/10/4
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/12/4
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/74208
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/48979
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/68983

Impacted products

Vendor	Product	Version
konstanty_bialkowski	libmodplug	*
konstanty_bialkowski	libmodplug	0.8
konstanty_bialkowski	libmodplug	0.8.4
konstanty_bialkowski	libmodplug	0.8.5
konstanty_bialkowski	libmodplug	0.8.6
konstanty_bialkowski	libmodplug	0.8.7
konstanty_bialkowski	libmodplug	0.8.8
konstanty_bialkowski	libmodplug	0.8.8.1
konstanty_bialkowski	libmodplug	0.8.8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "480F3134-72C6-49E1-A424-70712715E0B9",
              "versionEndIncluding": "0.8.8.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E90B264-B800-4D01-B9C6-1B1A97702F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7869CDE5-B184-42EB-B0D6-6E6164AA324A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5392B-E9CE-4092-BF72-5A661F1C20F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD56CB5-038F-45A9-AE9B-489186624232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E92586-2A99-45B5-8A78-5E35F1CF4FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6BFC6E-7932-49F7-A917-34B53474A4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5406CCC-DD17-402A-996C-A1CCA558F27B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "854AB57C-5B41-4B35-92B8-38E233F5991B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n CSoundFile::ReadWav en src/load_wav.cpp en libmodplug antes de v0.8.8.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo WAV dise\u00f1ado, lo que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica."
    }
  ],
  "id": "CVE-2011-2911",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-06-07T19:55:04.290",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://jira.atheme.org/browse/AUDPLUG-394"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=2d4c56de314ab13e4437bd8b609f0b751066eee8"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45131"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45658"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45901"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46032"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46043"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48439"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://ubuntu.com/usn/usn-1255-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/74208"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/48979"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jira.atheme.org/browse/AUDPLUG-394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=2d4c56de314ab13e4437bd8b609f0b751066eee8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-1255-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/74208"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/48979"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68983"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2011-2913

Vulnerability from fkie_nvd - Published: 2012-06-07 19:55 - Updated: 2026-04-29 01:13

Severity ?

Summary

Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples.

References

URL	Tags
secalert@redhat.com	http://jira.atheme.org/browse/AUDPLUG-394
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
secalert@redhat.com	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2011-1264.html
secalert@redhat.com	http://secunia.com/advisories/45131	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45658	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45742	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45901	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46032	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46043	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46793	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48058	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48434	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48439	Vendor Advisory
secalert@redhat.com	http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/
secalert@redhat.com	http://ubuntu.com/usn/usn-1255-1
secalert@redhat.com	http://www.debian.org/security/2012/dsa-2415
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/10/4
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/12/4
secalert@redhat.com	http://www.osvdb.org/74210
secalert@redhat.com	http://www.securityfocus.com/bid/48979
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/68985
af854a3a-2127-422b-91ae-364da2661108	http://jira.atheme.org/browse/AUDPLUG-394
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
af854a3a-2127-422b-91ae-364da2661108	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2011-1264.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45131	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45658	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45742	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45901	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46032	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46043	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46793	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48058	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48434	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48439	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/
af854a3a-2127-422b-91ae-364da2661108	http://ubuntu.com/usn/usn-1255-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2415
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/10/4
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/12/4
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/74210
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/48979
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/68985

Impacted products

Vendor	Product	Version
konstanty_bialkowski	libmodplug	*
konstanty_bialkowski	libmodplug	0.8
konstanty_bialkowski	libmodplug	0.8.4
konstanty_bialkowski	libmodplug	0.8.5
konstanty_bialkowski	libmodplug	0.8.6
konstanty_bialkowski	libmodplug	0.8.7
konstanty_bialkowski	libmodplug	0.8.8
konstanty_bialkowski	libmodplug	0.8.8.1
konstanty_bialkowski	libmodplug	0.8.8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "480F3134-72C6-49E1-A424-70712715E0B9",
              "versionEndIncluding": "0.8.8.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E90B264-B800-4D01-B9C6-1B1A97702F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7869CDE5-B184-42EB-B0D6-6E6164AA324A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5392B-E9CE-4092-BF72-5A661F1C20F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD56CB5-038F-45A9-AE9B-489186624232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E92586-2A99-45B5-8A78-5E35F1CF4FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6BFC6E-7932-49F7-A917-34B53474A4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5406CCC-DD17-402A-996C-A1CCA558F27B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "854AB57C-5B41-4B35-92B8-38E233F5991B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples."
    },
    {
      "lang": "es",
      "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en la funci\u00f3n de CSoundFile::ReadAMS en src/load_ams.cpp en libmodplug antes de v0.8.8.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de la pila de memoria) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo dise\u00f1ado con AMS un gran n\u00famero de muestras."
    }
  ],
  "id": "CVE-2011-2913",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-06-07T19:55:04.477",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://jira.atheme.org/browse/AUDPLUG-394"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45131"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45658"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45901"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46032"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46043"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46793"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48439"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://ubuntu.com/usn/usn-1255-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/74210"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/48979"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jira.atheme.org/browse/AUDPLUG-394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-1255-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/74210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/48979"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2011-1761

Vulnerability from fkie_nvd - Published: 2012-06-07 19:55 - Updated: 2026-04-29 01:13

Severity ?

Summary

Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information.

References

URL	Tags
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
secalert@redhat.com	http://secunia.com/advisories/44388	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/44695	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/44870	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/45742	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/48058	Vendor Advisory
secalert@redhat.com	http://ubuntu.com/usn/usn-1148-1
secalert@redhat.com	http://www.debian.org/security/2012/dsa-2415
secalert@redhat.com	http://www.exploit-db.com/exploits/17222
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/05/02/1
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/05/02/19
secalert@redhat.com	http://www.osvdb.org/72157
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44388	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44695	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44870	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45742	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48058	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://ubuntu.com/usn/usn-1148-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2415
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/17222
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/05/02/1
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/05/02/19
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/72157

Impacted products

Vendor	Product	Version
konstanty_bialkowski	libmodplug	*
konstanty_bialkowski	libmodplug	0.8
konstanty_bialkowski	libmodplug	0.8.4
konstanty_bialkowski	libmodplug	0.8.5
konstanty_bialkowski	libmodplug	0.8.6
konstanty_bialkowski	libmodplug	0.8.7
konstanty_bialkowski	libmodplug	0.8.8
konstanty_bialkowski	libmodplug	0.8.8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A7C9ADA-9E27-40C0-BA5C-3BDED9C22F60",
              "versionEndIncluding": "0.8.8.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E90B264-B800-4D01-B9C6-1B1A97702F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7869CDE5-B184-42EB-B0D6-6E6164AA324A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5392B-E9CE-4092-BF72-5A661F1C20F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD56CB5-038F-45A9-AE9B-489186624232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E92586-2A99-45B5-8A78-5E35F1CF4FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6BFC6E-7932-49F7-A917-34B53474A4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5406CCC-DD17-402A-996C-A1CCA558F27B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file.  NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados ??en pila en las funciones (1) abc_new_macro y (2) abc_new_umacro en src/load_abc.cpp en libmodplug antes de v0.8.8.3 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo ABC espec\u00edficamente elaborado para este fin. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."
    }
  ],
  "id": "CVE-2011-1761",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-06-07T19:55:02.883",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44388"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44695"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44870"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://ubuntu.com/usn/usn-1148-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.exploit-db.com/exploits/17222"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/05/02/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/05/02/19"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/72157"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44388"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44695"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/48058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-1148-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.exploit-db.com/exploits/17222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/05/02/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/05/02/19"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/72157"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2011-1574

Vulnerability from fkie_nvd - Published: 2011-05-09 22:55 - Updated: 2026-04-29 01:13

Severity ?

Summary

Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file.

References

URL	Tags
secalert@redhat.com	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091	Patch
secalert@redhat.com	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commit%3Bh=aecef259828a89bb00c2e6f78e89de7363b2237b
secalert@redhat.com	http://openwall.com/lists/oss-security/2011/04/11/13	Exploit, Patch
secalert@redhat.com	http://openwall.com/lists/oss-security/2011/04/11/6	Exploit, Patch
secalert@redhat.com	http://secunia.com/advisories/44870
secalert@redhat.com	http://secunia.com/advisories/48434
secalert@redhat.com	http://securityreason.com/securityalert/8243
secalert@redhat.com	http://securitytracker.com/id?1025480
secalert@redhat.com	http://www.debian.org/security/2011/dsa-2226
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2011:085
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=695420	Exploit, Patch
secalert@redhat.com	https://rhn.redhat.com/errata/RHSA-2011-0477.html
secalert@redhat.com	https://www.sec-consult.com/files/20110407-0_libmodplug_stackoverflow.txt	Exploit
secalert@redhat.com	https://www.ubuntu.com/usn/USN-1148-1/
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091	Patch
af854a3a-2127-422b-91ae-364da2661108	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commit%3Bh=aecef259828a89bb00c2e6f78e89de7363b2237b
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2011/04/11/13	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2011/04/11/6	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44870
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48434
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/8243
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1025480
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2226
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2011:085
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=695420	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	https://rhn.redhat.com/errata/RHSA-2011-0477.html
af854a3a-2127-422b-91ae-364da2661108	https://www.sec-consult.com/files/20110407-0_libmodplug_stackoverflow.txt	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://www.ubuntu.com/usn/USN-1148-1/

Impacted products

Vendor	Product	Version
konstanty_bialkowski	libmodplug	*
konstanty_bialkowski	libmodplug	0.8
konstanty_bialkowski	libmodplug	0.8.4
konstanty_bialkowski	libmodplug	0.8.5
konstanty_bialkowski	libmodplug	0.8.6
konstanty_bialkowski	libmodplug	0.8.7
konstanty_bialkowski	libmodplug	0.8.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE5F4CD-6A11-4AF7-B774-4BE150C1F913",
              "versionEndIncluding": "0.8.8.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E90B264-B800-4D01-B9C6-1B1A97702F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7869CDE5-B184-42EB-B0D6-6E6164AA324A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5392B-E9CE-4092-BF72-5A661F1C20F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD56CB5-038F-45A9-AE9B-489186624232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E92586-2A99-45B5-8A78-5E35F1CF4FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F6BFC6E-7932-49F7-A917-34B53474A4BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en M\u00e9todo ReadS3M en load_s3m.cpp de libmodplug con anterioridad a v0.8.8.2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero S3M manipulado.\r\n"
    }
  ],
  "id": "CVE-2011-1574",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-05-09T22:55:01.990",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commit%3Bh=aecef259828a89bb00c2e6f78e89de7363b2237b"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/04/11/13"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/04/11/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/44870"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/8243"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1025480"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2011/dsa-2226"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:085"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695420"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2011-0477.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.sec-consult.com/files/20110407-0_libmodplug_stackoverflow.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.ubuntu.com/usn/USN-1148-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commit%3Bh=aecef259828a89bb00c2e6f78e89de7363b2237b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/04/11/13"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/04/11/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/44870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/48434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1025480"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2226"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2011-0477.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.sec-consult.com/files/20110407-0_libmodplug_stackoverflow.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.ubuntu.com/usn/USN-1148-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-1513

Vulnerability from fkie_nvd - Published: 2009-05-04 16:30 - Updated: 2026-04-23 00:35

Severity ?

Summary

Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name.

References

URL	Tags
cve@mitre.org	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084
cve@mitre.org	http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3&r2=1.4
cve@mitre.org	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms%3Ba=commitdiff%3Bh=c4ebb701be6ee9a296a44fdac5a20b7739ff0595
cve@mitre.org	http://osvdb.org/54109
cve@mitre.org	http://secunia.com/advisories/34927	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35026
cve@mitre.org	http://secunia.com/advisories/35736
cve@mitre.org	http://secunia.com/advisories/36158
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200907-07.xml
cve@mitre.org	http://sourceforge.net/project/shownotes.php?release_id=678622&group_id=1275	Patch
cve@mitre.org	http://sourceforge.net/tracker/?func=detail&aid=2777467&group_id=1275&atid=301275	Patch
cve@mitre.org	http://www.debian.org/security/2009/dsa-1850
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2009:128
cve@mitre.org	http://www.openwall.com/lists/oss-security/2009/04/29/5
cve@mitre.org	http://www.securityfocus.com/bid/34747	Patch
cve@mitre.org	http://www.ubuntu.com/usn/USN-771-1
cve@mitre.org	http://www.vupen.com/english/advisories/2009/1200	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084
af854a3a-2127-422b-91ae-364da2661108	http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3&r2=1.4
af854a3a-2127-422b-91ae-364da2661108	http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms%3Ba=commitdiff%3Bh=c4ebb701be6ee9a296a44fdac5a20b7739ff0595
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/54109
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34927	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35026
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35736
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36158
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200907-07.xml
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/project/shownotes.php?release_id=678622&group_id=1275	Patch
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/tracker/?func=detail&aid=2777467&group_id=1275&atid=301275	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2009/dsa-1850
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:128
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2009/04/29/5
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/34747	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-771-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1200	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
konstanty_bialkowski	libmodplug	*
konstanty_bialkowski	libmodplug	0.8
konstanty_bialkowski	libmodplug	0.8.4
konstanty_bialkowski	libmodplug	0.8.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD0CAE8E-3B2A-4630-868C-79071A5A0450",
              "versionEndIncluding": "0.8.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E90B264-B800-4D01-B9C6-1B1A97702F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7869CDE5-B184-42EB-B0D6-6E6164AA324A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5392B-E9CE-4092-BF72-5A661F1C20F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la funci\u00f3n PATinst en src/load_pat.cpp en libmodplug anteriores a v0.8.7 permite a atacantes remotos asistidos por usuarios, provocar una denegaci\u00f3n de servicio y posiblemente la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n mediante un nombre de instrumento largo."
    }
  ],
  "id": "CVE-2009-1513",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-05-04T16:30:00.187",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3\u0026r2=1.4"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms%3Ba=commitdiff%3Bh=c4ebb701be6ee9a296a44fdac5a20b7739ff0595"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/54109"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34927"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35026"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35736"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36158"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200907-07.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sourceforge.net/project/shownotes.php?release_id=678622\u0026group_id=1275"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2777467\u0026group_id=1275\u0026atid=301275"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2009/dsa-1850"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:128"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/04/29/5"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34747"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-771-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3\u0026r2=1.4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms%3Ba=commitdiff%3Bh=c4ebb701be6ee9a296a44fdac5a20b7739ff0595"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/54109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35736"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36158"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200907-07.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sourceforge.net/project/shownotes.php?release_id=678622\u0026group_id=1275"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2777467\u0026group_id=1275\u0026atid=301275"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1850"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/04/29/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/34747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-771-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1200"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of libmodplug embedded in gstreamer-plugins as shipped with Red Hat Enterprise Linux 3 and 4, as they do not include support for the PAT file type.",
      "lastModified": "2009-05-12T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2013-4234 (GCVE-0-2013-4234)

Vulnerability from cvelistv5 – Published: 2013-09-16 19:00 – Updated: 2024-08-06 16:38

Summary

Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://www.debian.org/security/2013/dsa-2751	vendor-advisoryx_refsource_DEBIAN
	http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-se…	x_refsource_MISC
	http://secunia.com/advisories/54388	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2013/08/10/3	mailing-listx_refsource_MLIST
	http://www.securityfocus.com/bid/61714	vdb-entryx_refsource_BID
	http://secunia.com/advisories/54695	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2013-07-24 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:38:01.767Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-2751",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2751"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
          },
          {
            "name": "54388",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54388"
          },
          {
            "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
          },
          {
            "name": "61714",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/61714"
          },
          {
            "name": "54695",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54695"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-07-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-29T18:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-2751",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2751"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
        },
        {
          "name": "54388",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54388"
        },
        {
          "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
        },
        {
          "name": "61714",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/61714"
        },
        {
          "name": "54695",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54695"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-4234",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-2751",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2751"
            },
            {
              "name": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/",
              "refsource": "MISC",
              "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
            },
            {
              "name": "54388",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54388"
            },
            {
              "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
            },
            {
              "name": "61714",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/61714"
            },
            {
              "name": "54695",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54695"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-4234",
    "datePublished": "2013-09-16T19:00:00.000Z",
    "dateReserved": "2013-06-12T00:00:00.000Z",
    "dateUpdated": "2024-08-06T16:38:01.767Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-4233 (GCVE-0-2013-4233)

Vulnerability from cvelistv5 – Published: 2013-09-16 19:00 – Updated: 2024-09-17 00:16

Summary

Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://www.debian.org/security/2013/dsa-2751	vendor-advisoryx_refsource_DEBIAN
	http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-se…	x_refsource_MISC
	http://secunia.com/advisories/54388	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2013/08/10/3	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/54695	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:38:01.693Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-2751",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2751"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
          },
          {
            "name": "54388",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54388"
          },
          {
            "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
          },
          {
            "name": "54695",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54695"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-09-16T19:00:00.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-2751",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2751"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
        },
        {
          "name": "54388",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54388"
        },
        {
          "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
        },
        {
          "name": "54695",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54695"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-4233",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-2751",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2751"
            },
            {
              "name": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/",
              "refsource": "MISC",
              "url": "http://blog.scrt.ch/2013/07/24/vlc-abc-parsing-seems-to-be-a-ctf-challenge/"
            },
            {
              "name": "54388",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54388"
            },
            {
              "name": "[oss-security] 20130809 Re: CVE Request - LibModPlug \u003c=0.8.8.4 multiple heap  overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2013/08/10/3"
            },
            {
              "name": "54695",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54695"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-4233",
    "datePublished": "2013-09-16T19:00:00.000Z",
    "dateReserved": "2013-06-12T00:00:00.000Z",
    "dateUpdated": "2024-09-17T00:16:36.871Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2913 (GCVE-0-2011-2913)

Vulnerability from cvelistv5 – Published: 2012-06-07 19:00 – Updated: 2024-08-06 23:15

Summary

Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/08/10/4	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://sourceforge.net/projects/modplug-xmms/file…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/45131	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/08/12/4	mailing-listx_refsource_MLIST
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46032	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46793	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48439	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1255-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/48979	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/45901	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2011-1264.html	vendor-advisoryx_refsource_REDHAT
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/46043	third-party-advisoryx_refsource_SECUNIA
	http://jira.atheme.org/browse/AUDPLUG-394	x_refsource_CONFIRM
	http://www.osvdb.org/74210	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/45658	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2011-08-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.946Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2011-12370",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
          },
          {
            "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
          },
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "name": "FEDORA-2011-10503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
          },
          {
            "name": "45131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45131"
          },
          {
            "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "46032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46032"
          },
          {
            "name": "46793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46793"
          },
          {
            "name": "48439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48439"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "USN-1255-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1255-1"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "48979",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48979"
          },
          {
            "name": "GLSA-201203-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
          },
          {
            "name": "45901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45901"
          },
          {
            "name": "RHSA-2011:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
          },
          {
            "name": "libmodplug-ams-code-execution(68985)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
          },
          {
            "name": "46043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46043"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://jira.atheme.org/browse/AUDPLUG-394"
          },
          {
            "name": "74210",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74210"
          },
          {
            "name": "45658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2011-12370",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
        },
        {
          "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
        },
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "name": "FEDORA-2011-10503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
        },
        {
          "name": "45131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45131"
        },
        {
          "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "46032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46032"
        },
        {
          "name": "46793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46793"
        },
        {
          "name": "48439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48439"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "USN-1255-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1255-1"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "48979",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48979"
        },
        {
          "name": "GLSA-201203-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
        },
        {
          "name": "45901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45901"
        },
        {
          "name": "RHSA-2011:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
        },
        {
          "name": "libmodplug-ams-code-execution(68985)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
        },
        {
          "name": "46043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46043"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://jira.atheme.org/browse/AUDPLUG-394"
        },
        {
          "name": "74210",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74210"
        },
        {
          "name": "45658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2913",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:15:31.946Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2914 (GCVE-0-2011-2914)

Vulnerability from cvelistv5 – Published: 2012-06-07 19:00 – Updated: 2024-08-06 23:15

Summary

Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/08/10/4	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://sourceforge.net/projects/modplug-xmms/file…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://www.osvdb.org/74211	vdb-entryx_refsource_OSVDB
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/45131	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/08/12/4	mailing-listx_refsource_MLIST
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46032	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46793	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/48439	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1255-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/48979	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/45901	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2011-1264.html	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/46043	third-party-advisoryx_refsource_SECUNIA
	http://jira.atheme.org/browse/AUDPLUG-394	x_refsource_CONFIRM
	http://secunia.com/advisories/45658	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2011-08-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.776Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2011-12370",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
          },
          {
            "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
          },
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "name": "74211",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74211"
          },
          {
            "name": "FEDORA-2011-10503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
          },
          {
            "name": "45131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45131"
          },
          {
            "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "46032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46032"
          },
          {
            "name": "46793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46793"
          },
          {
            "name": "libmodplug-dsm-code-execution(68986)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
          },
          {
            "name": "48439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48439"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "USN-1255-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1255-1"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "48979",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48979"
          },
          {
            "name": "GLSA-201203-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
          },
          {
            "name": "45901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45901"
          },
          {
            "name": "RHSA-2011:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
          },
          {
            "name": "46043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46043"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://jira.atheme.org/browse/AUDPLUG-394"
          },
          {
            "name": "45658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2011-12370",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
        },
        {
          "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
        },
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "name": "74211",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74211"
        },
        {
          "name": "FEDORA-2011-10503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
        },
        {
          "name": "45131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45131"
        },
        {
          "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "46032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46032"
        },
        {
          "name": "46793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46793"
        },
        {
          "name": "libmodplug-dsm-code-execution(68986)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68985"
        },
        {
          "name": "48439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48439"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "USN-1255-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1255-1"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "48979",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48979"
        },
        {
          "name": "GLSA-201203-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
        },
        {
          "name": "45901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45901"
        },
        {
          "name": "RHSA-2011:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
        },
        {
          "name": "46043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46043"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://jira.atheme.org/browse/AUDPLUG-394"
        },
        {
          "name": "45658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2914",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:15:31.776Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2912 (GCVE-0-2011-2912)

Vulnerability from cvelistv5 – Published: 2012-06-07 19:00 – Updated: 2024-08-06 23:15

Summary

Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/08/10/4	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://sourceforge.net/projects/modplug-xmms/file…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/45131	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/08/12/4	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46032	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46793	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48439	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1255-1	vendor-advisoryx_refsource_UBUNTU
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/48979	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/45901	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2011-1264.html	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/46043	third-party-advisoryx_refsource_SECUNIA
	http://jira.atheme.org/browse/AUDPLUG-394	x_refsource_CONFIRM
	http://www.osvdb.org/74209	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/45658	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2011-08-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.904Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2011-12370",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
          },
          {
            "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
          },
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "name": "FEDORA-2011-10503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
          },
          {
            "name": "45131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45131"
          },
          {
            "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "46032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46032"
          },
          {
            "name": "46793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46793"
          },
          {
            "name": "48439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48439"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "USN-1255-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1255-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=f4e5295658fff000379caa122e75c9200205fe20"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "libmodplug-s3m-bo(68984)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68984"
          },
          {
            "name": "48979",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48979"
          },
          {
            "name": "GLSA-201203-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
          },
          {
            "name": "45901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45901"
          },
          {
            "name": "RHSA-2011:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
          },
          {
            "name": "46043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46043"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://jira.atheme.org/browse/AUDPLUG-394"
          },
          {
            "name": "74209",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74209"
          },
          {
            "name": "45658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2011-12370",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
        },
        {
          "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
        },
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "name": "FEDORA-2011-10503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
        },
        {
          "name": "45131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45131"
        },
        {
          "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "46032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46032"
        },
        {
          "name": "46793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46793"
        },
        {
          "name": "48439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48439"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "USN-1255-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1255-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=f4e5295658fff000379caa122e75c9200205fe20"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "libmodplug-s3m-bo(68984)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68984"
        },
        {
          "name": "48979",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48979"
        },
        {
          "name": "GLSA-201203-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
        },
        {
          "name": "45901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45901"
        },
        {
          "name": "RHSA-2011:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
        },
        {
          "name": "46043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46043"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://jira.atheme.org/browse/AUDPLUG-394"
        },
        {
          "name": "74209",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74209"
        },
        {
          "name": "45658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2912",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:15:31.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-1761 (GCVE-0-2011-1761)

Vulnerability from cvelistv5 – Published: 2012-06-07 19:00 – Updated: 2024-08-06 22:37

Summary

Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/44870	third-party-advisoryx_refsource_SECUNIA
	http://www.osvdb.org/72157	vdb-entryx_refsource_OSVDB
	http://ubuntu.com/usn/usn-1148-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/44695	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://www.exploit-db.com/exploits/17222	exploitx_refsource_EXPLOIT-DB
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2011/0…	mailing-listx_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2011/05/02/1	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/44388	third-party-advisoryx_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_SUSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:37:25.759Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "name": "44870",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44870"
          },
          {
            "name": "72157",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/72157"
          },
          {
            "name": "USN-1148-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1148-1"
          },
          {
            "name": "44695",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44695"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "17222",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/17222"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "[oss-security] 20120502 Re: CVE request: libmodplugin stack-buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/05/02/19"
          },
          {
            "name": "[oss-security] 20120502 CVE request: libmodplugin stack-buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/05/02/1"
          },
          {
            "name": "44388",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44388"
          },
          {
            "name": "openSUSE-SU-2011:0551",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-06-07T19:00:00.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "name": "44870",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44870"
        },
        {
          "name": "72157",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/72157"
        },
        {
          "name": "USN-1148-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1148-1"
        },
        {
          "name": "44695",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44695"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "17222",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/17222"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "[oss-security] 20120502 Re: CVE request: libmodplugin stack-buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/05/02/19"
        },
        {
          "name": "[oss-security] 20120502 CVE request: libmodplugin stack-buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/05/02/1"
        },
        {
          "name": "44388",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44388"
        },
        {
          "name": "openSUSE-SU-2011:0551",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1761",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-04-19T00:00:00.000Z",
    "dateUpdated": "2024-08-06T22:37:25.759Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2915 (GCVE-0-2011-2915)

Vulnerability from cvelistv5 – Published: 2012-06-07 19:00 – Updated: 2024-08-06 23:15

Summary

Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/08/10/4	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://sourceforge.net/projects/modplug-xmms/file…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/45131	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/08/12/4	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46032	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/46793	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48439	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1255-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/48979	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/45901	third-party-advisoryx_refsource_SECUNIA
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2011-1264.html	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/46043	third-party-advisoryx_refsource_SECUNIA
	http://jira.atheme.org/browse/AUDPLUG-394	x_refsource_CONFIRM
	http://www.osvdb.org/74210	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/45658	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2011-08-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.655Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2011-12370",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
          },
          {
            "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
          },
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "name": "FEDORA-2011-10503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
          },
          {
            "name": "45131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45131"
          },
          {
            "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "46032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46032"
          },
          {
            "name": "libmodplug-csoundfile-code-exec(68987)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68987"
          },
          {
            "name": "46793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46793"
          },
          {
            "name": "48439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48439"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "USN-1255-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1255-1"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "48979",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48979"
          },
          {
            "name": "GLSA-201203-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
          },
          {
            "name": "45901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45901"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=16d7a78efe14d345a6c5b241f88422ad0ee483ea"
          },
          {
            "name": "RHSA-2011:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
          },
          {
            "name": "46043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46043"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://jira.atheme.org/browse/AUDPLUG-394"
          },
          {
            "name": "74210",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74210"
          },
          {
            "name": "45658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2011-12370",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
        },
        {
          "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
        },
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "name": "FEDORA-2011-10503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
        },
        {
          "name": "45131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45131"
        },
        {
          "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "46032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46032"
        },
        {
          "name": "libmodplug-csoundfile-code-exec(68987)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68987"
        },
        {
          "name": "46793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46793"
        },
        {
          "name": "48439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48439"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "USN-1255-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1255-1"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "48979",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48979"
        },
        {
          "name": "GLSA-201203-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
        },
        {
          "name": "45901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45901"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=16d7a78efe14d345a6c5b241f88422ad0ee483ea"
        },
        {
          "name": "RHSA-2011:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
        },
        {
          "name": "46043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46043"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://jira.atheme.org/browse/AUDPLUG-394"
        },
        {
          "name": "74210",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74210"
        },
        {
          "name": "45658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2915",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:15:31.655Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2911 (GCVE-0-2011-2911)

Vulnerability from cvelistv5 – Published: 2012-06-07 19:00 – Updated: 2024-08-06 23:15

Summary

Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2011/08/10/4	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2415	vendor-advisoryx_refsource_DEBIAN
	http://sourceforge.net/projects/modplug-xmms/file…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/45131	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/08/12/4	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/48058	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/46032	third-party-advisoryx_refsource_SECUNIA
	http://www.osvdb.org/74208	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/46793	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48439	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/45742	third-party-advisoryx_refsource_SECUNIA
	http://ubuntu.com/usn/usn-1255-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/48979	vdb-entryx_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://secunia.com/advisories/45901	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2011-1264.html	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/46043	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://jira.atheme.org/browse/AUDPLUG-394	x_refsource_CONFIRM
	http://secunia.com/advisories/45658	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2011-08-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:15:31.663Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2011-12370",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
          },
          {
            "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
          },
          {
            "name": "DSA-2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "name": "FEDORA-2011-10503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
          },
          {
            "name": "45131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45131"
          },
          {
            "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
          },
          {
            "name": "48058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48058"
          },
          {
            "name": "46032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46032"
          },
          {
            "name": "74208",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/74208"
          },
          {
            "name": "46793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46793"
          },
          {
            "name": "48439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48439"
          },
          {
            "name": "45742",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45742"
          },
          {
            "name": "USN-1255-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1255-1"
          },
          {
            "name": "openSUSE-SU-2011:0943",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "48979",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48979"
          },
          {
            "name": "GLSA-201203-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=2d4c56de314ab13e4437bd8b609f0b751066eee8"
          },
          {
            "name": "45901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45901"
          },
          {
            "name": "RHSA-2011:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
          },
          {
            "name": "46043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46043"
          },
          {
            "name": "libmodplug-wav-bo(68983)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68983"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://jira.atheme.org/browse/AUDPLUG-394"
          },
          {
            "name": "45658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2011-12370",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html"
        },
        {
          "name": "[oss-security] 20120810 CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/10/4"
        },
        {
          "name": "DSA-2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "name": "FEDORA-2011-10503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html"
        },
        {
          "name": "45131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45131"
        },
        {
          "name": "[oss-security] 20120812 Re: CVE request: libmodplug: multiple  vulnerabilities reported in \u003c= 0.8.8.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/12/4"
        },
        {
          "name": "48058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48058"
        },
        {
          "name": "46032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46032"
        },
        {
          "name": "74208",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/74208"
        },
        {
          "name": "46793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46793"
        },
        {
          "name": "48439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48439"
        },
        {
          "name": "45742",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45742"
        },
        {
          "name": "USN-1255-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1255-1"
        },
        {
          "name": "openSUSE-SU-2011:0943",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "48979",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48979"
        },
        {
          "name": "GLSA-201203-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=2d4c56de314ab13e4437bd8b609f0b751066eee8"
        },
        {
          "name": "45901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45901"
        },
        {
          "name": "RHSA-2011:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2011-1264.html"
        },
        {
          "name": "46043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46043"
        },
        {
          "name": "libmodplug-wav-bo(68983)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68983"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://jira.atheme.org/browse/AUDPLUG-394"
        },
        {
          "name": "45658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45658"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2911",
    "datePublished": "2012-06-07T19:00:00.000Z",
    "dateReserved": "2011-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:15:31.663Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-1574 (GCVE-0-2011-1574)

Vulnerability from cvelistv5 – Published: 2011-05-09 22:00 – Updated: 2024-08-06 22:28

Summary

Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

redhat

References

URL

Tags

	https://www.ubuntu.com/usn/USN-1148-1/	vendor-advisoryx_refsource_UBUNTU
	http://openwall.com/lists/oss-security/2011/04/11/13	mailing-listx_refsource_MLIST
	http://www.gentoo.org/security/en/glsa/glsa-20120…	vendor-advisoryx_refsource_GENTOO
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091	x_refsource_CONFIRM
	https://www.sec-consult.com/files/20110407-0_libm…	x_refsource_MISC
	http://secunia.com/advisories/44870	third-party-advisoryx_refsource_SECUNIA
	http://openwall.com/lists/oss-security/2011/04/11/6	mailing-listx_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=695420	x_refsource_CONFIRM
	http://securitytracker.com/id?1025480	vdb-entryx_refsource_SECTRACK
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://secunia.com/advisories/48434	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2011/dsa-2226	vendor-advisoryx_refsource_DEBIAN
	http://securityreason.com/securityalert/8243	third-party-advisoryx_refsource_SREASON
	https://rhn.redhat.com/errata/RHSA-2011-0477.html	vendor-advisoryx_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA

Date Public ?

2011-04-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:28:41.982Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-1148-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://www.ubuntu.com/usn/USN-1148-1/"
          },
          {
            "name": "[oss-security] 20110411 Re: CVE request for libmodplug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/04/11/13"
          },
          {
            "name": "GLSA-201203-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sec-consult.com/files/20110407-0_libmodplug_stackoverflow.txt"
          },
          {
            "name": "44870",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44870"
          },
          {
            "name": "[oss-security] 20110411 CVE request for libmodplug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/04/11/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695420"
          },
          {
            "name": "1025480",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025480"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commit%3Bh=aecef259828a89bb00c2e6f78e89de7363b2237b"
          },
          {
            "name": "48434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48434"
          },
          {
            "name": "DSA-2226",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2226"
          },
          {
            "name": "8243",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8243"
          },
          {
            "name": "RHSA-2011:0477",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2011-0477.html"
          },
          {
            "name": "MDVSA-2011:085",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:085"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-04-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T21:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-1148-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://www.ubuntu.com/usn/USN-1148-1/"
        },
        {
          "name": "[oss-security] 20110411 Re: CVE request for libmodplug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/04/11/13"
        },
        {
          "name": "GLSA-201203-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sec-consult.com/files/20110407-0_libmodplug_stackoverflow.txt"
        },
        {
          "name": "44870",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44870"
        },
        {
          "name": "[oss-security] 20110411 CVE request for libmodplug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/04/11/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695420"
        },
        {
          "name": "1025480",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025480"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commit%3Bh=aecef259828a89bb00c2e6f78e89de7363b2237b"
        },
        {
          "name": "48434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48434"
        },
        {
          "name": "DSA-2226",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2226"
        },
        {
          "name": "8243",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8243"
        },
        {
          "name": "RHSA-2011:0477",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2011-0477.html"
        },
        {
          "name": "MDVSA-2011:085",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:085"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1574",
    "datePublished": "2011-05-09T22:00:00.000Z",
    "dateReserved": "2011-04-05T00:00:00.000Z",
    "dateUpdated": "2024-08-06T22:28:41.982Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1513 (GCVE-0-2009-1513)

Vulnerability from cvelistv5 – Published: 2009-05-04 16:12 – Updated: 2024-08-07 05:13

Summary

Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.ubuntu.com/usn/USN-771-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/35736	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/34927	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2009/dsa-1850	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/bid/34747	vdb-entryx_refsource_BID
	http://modplug-xmms.cvs.sourceforge.net/viewvc/mo…	x_refsource_CONFIRM
	http://secunia.com/advisories/36158	third-party-advisoryx_refsource_SECUNIA
	http://sourceforge.net/tracker/?func=detail&aid=2…	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://osvdb.org/54109	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/35026	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2009/04/29/5	mailing-listx_refsource_MLIST
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-200907-07.xml	vendor-advisoryx_refsource_GENTOO
	http://modplug-xmms.git.sourceforge.net/git/gitwe…	x_refsource_CONFIRM
	http://sourceforge.net/project/shownotes.php?rele…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/1200	vdb-entryx_refsource_VUPEN

Date Public ?

2009-04-21 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:13:25.667Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-771-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-771-1"
          },
          {
            "name": "35736",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35736"
          },
          {
            "name": "34927",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34927"
          },
          {
            "name": "DSA-1850",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1850"
          },
          {
            "name": "34747",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34747"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3\u0026r2=1.4"
          },
          {
            "name": "36158",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36158"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2777467\u0026group_id=1275\u0026atid=301275"
          },
          {
            "name": "MDVSA-2009:128",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:128"
          },
          {
            "name": "54109",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/54109"
          },
          {
            "name": "35026",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35026"
          },
          {
            "name": "[oss-security] 20090429 Re: CVE Request -- libmodplug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/04/29/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084"
          },
          {
            "name": "GLSA-200907-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200907-07.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms%3Ba=commitdiff%3Bh=c4ebb701be6ee9a296a44fdac5a20b7739ff0595"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/project/shownotes.php?release_id=678622\u0026group_id=1275"
          },
          {
            "name": "ADV-2009-1200",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1200"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-05-13T09:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-771-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-771-1"
        },
        {
          "name": "35736",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35736"
        },
        {
          "name": "34927",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34927"
        },
        {
          "name": "DSA-1850",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1850"
        },
        {
          "name": "34747",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34747"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3\u0026r2=1.4"
        },
        {
          "name": "36158",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36158"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2777467\u0026group_id=1275\u0026atid=301275"
        },
        {
          "name": "MDVSA-2009:128",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:128"
        },
        {
          "name": "54109",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/54109"
        },
        {
          "name": "35026",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35026"
        },
        {
          "name": "[oss-security] 20090429 Re: CVE Request -- libmodplug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/04/29/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084"
        },
        {
          "name": "GLSA-200907-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200907-07.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms%3Ba=commitdiff%3Bh=c4ebb701be6ee9a296a44fdac5a20b7739ff0595"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/project/shownotes.php?release_id=678622\u0026group_id=1275"
        },
        {
          "name": "ADV-2009-1200",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1200"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1513",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-771-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-771-1"
            },
            {
              "name": "35736",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35736"
            },
            {
              "name": "34927",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34927"
            },
            {
              "name": "DSA-1850",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1850"
            },
            {
              "name": "34747",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34747"
            },
            {
              "name": "http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3\u0026r2=1.4",
              "refsource": "CONFIRM",
              "url": "http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_pat.cpp?r1=1.3\u0026r2=1.4"
            },
            {
              "name": "36158",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36158"
            },
            {
              "name": "http://sourceforge.net/tracker/?func=detail\u0026aid=2777467\u0026group_id=1275\u0026atid=301275",
              "refsource": "CONFIRM",
              "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2777467\u0026group_id=1275\u0026atid=301275"
            },
            {
              "name": "MDVSA-2009:128",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:128"
            },
            {
              "name": "54109",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/54109"
            },
            {
              "name": "35026",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35026"
            },
            {
              "name": "[oss-security] 20090429 Re: CVE Request -- libmodplug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/04/29/5"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526084"
            },
            {
              "name": "GLSA-200907-07",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200907-07.xml"
            },
            {
              "name": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms;a=commitdiff;h=c4ebb701be6ee9a296a44fdac5a20b7739ff0595",
              "refsource": "CONFIRM",
              "url": "http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms;a=commitdiff;h=c4ebb701be6ee9a296a44fdac5a20b7739ff0595"
            },
            {
              "name": "http://sourceforge.net/project/shownotes.php?release_id=678622\u0026group_id=1275",
              "refsource": "CONFIRM",
              "url": "http://sourceforge.net/project/shownotes.php?release_id=678622\u0026group_id=1275"
            },
            {
              "name": "ADV-2009-1200",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1200"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1513",
    "datePublished": "2009-05-04T16:12:00.000Z",
    "dateReserved": "2009-05-04T00:00:00.000Z",
    "dateUpdated": "2024-08-07T05:13:25.667Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

33 vulnerabilities found for libmodplug by konstanty_bialkowski

CVE-2013-4234 (GCVE-0-2013-4234)

CVE-2013-4233 (GCVE-0-2013-4233)

CVE-2011-2915 (GCVE-0-2011-2915)

CVE-2011-2914 (GCVE-0-2011-2914)

CVE-2011-2913 (GCVE-0-2011-2913)

CVE-2011-2912 (GCVE-0-2011-2912)

CVE-2011-2911 (GCVE-0-2011-2911)

CVE-2011-1761 (GCVE-0-2011-1761)

CVE-2011-1574 (GCVE-0-2011-1574)

CVE-2009-1513 (GCVE-0-2009-1513)

CVE-2013-4234 (GCVE-0-2013-4234)

CVE-2013-4233 (GCVE-0-2013-4233)

CVE-2011-2913 (GCVE-0-2011-2913)

CVE-2011-2914 (GCVE-0-2011-2914)

CVE-2011-2912 (GCVE-0-2011-2912)

CVE-2011-1761 (GCVE-0-2011-1761)

CVE-2011-2915 (GCVE-0-2011-2915)

CVE-2011-2911 (GCVE-0-2011-2911)

CVE-2011-1574 (GCVE-0-2011-1574)

CVE-2009-1513 (GCVE-0-2009-1513)

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.