Vulnerability in Konstanty_bialkowski Libmodplug
CVE-2011-2913
Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file…
EPSS: 0.025 (85.5th percentile) — read the EPSS interpretation.
Affected products
- Konstanty_bialkowski Libmodplug — versions 0.8, 0.8.4, 0.8.5
- N/a — versions n/a
Weakness classification (CWE)
References
- FEDORA-2011-12370 (x_refsource_FEDORA, vendor-advisory)
- [oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 (mailing-list, x_refsource_MLIST)
- DSA-2415 (vendor-advisory, x_refsource_DEBIAN)
- secalert@redhat.com (x_refsource_CONFIRM)
- GLSA-201203-16 (vendor-advisory, x_refsource_GENTOO)
- FEDORA-2011-10503 (x_refsource_FEDORA, vendor-advisory)
- 45131 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- [oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 (mailing-list, x_refsource_MLIST)
- secalert@redhat.com (x_refsource_CONFIRM)
- 48058 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)