What is CVE-2011-1574?

CVE-2011-1574 is a vulnerability in Konstanty_bialkowski Libmodplug, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-05-09.

Is CVE-2011-1574 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Konstanty_bialkowski Libmodplug

CVE-2011-1574

Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file.

Vulnerability class: Buffer Overflow

EPSS: 0.663 (98.5th percentile) — read the EPSS interpretation.

Affected products

Konstanty_bialkowski Libmodplug — versions 0.8, 0.8.4, 0.8.5
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

USN-1148-1 (x_refsource_UBUNTU, vendor-advisory)
[oss-security] 20110411 Re: CVE request for libmodplug (mailing-list, x_refsource_MLIST, Exploit, Patch)
GLSA-201203-16 (vendor-advisory, x_refsource_GENTOO)
secalert@redhat.com (x_refsource_CONFIRM, Patch)
secalert@redhat.com (Exploit, x_refsource_MISC)
44870 (x_refsource_SECUNIA, third-party-advisory)
[oss-security] 20110411 CVE request for libmodplug (mailing-list, x_refsource_MLIST, Exploit, Patch)
secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)
1025480 (vdb-entry, x_refsource_SECTRACK)
secalert@redhat.com (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2011-1574?: CVE-2011-1574 is a vulnerability in Konstanty_bialkowski Libmodplug, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-05-09.
Is CVE-2011-1574 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.