Vulnerability in Konstanty_bialkowski Libmodplug
CVE-2011-2911
Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-ba…
EPSS: 0.021 (84.6th percentile) — read the EPSS interpretation.
Affected products
- Konstanty_bialkowski Libmodplug — versions 0.8, 0.8.4, 0.8.5
- N/a — versions n/a
Weakness classification (CWE)
References
- FEDORA-2011-12370 (x_refsource_FEDORA, vendor-advisory)
- [oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 (mailing-list, x_refsource_MLIST)
- DSA-2415 (vendor-advisory, x_refsource_DEBIAN)
- secalert@redhat.com (x_refsource_CONFIRM)
- GLSA-201203-16 (vendor-advisory, x_refsource_GENTOO)
- FEDORA-2011-10503 (x_refsource_FEDORA, vendor-advisory)
- 45131 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- [oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 (mailing-list, x_refsource_MLIST)
- 48058 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- 46032 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)