Vulnerability in Konstanty_bialkowski Libmodplug

CVE-2011-2914

Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with…

EPSS: 0.025 (85.5th percentile) — read the EPSS interpretation.

Affected products

Konstanty_bialkowski Libmodplug — versions 0.8, 0.8.4, 0.8.5
N/a — versions n/a

Weakness classification (CWE)

CWE-189

References

FEDORA-2011-12370 (x_refsource_FEDORA, vendor-advisory)
[oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 (mailing-list, x_refsource_MLIST)
DSA-2415 (vendor-advisory, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_CONFIRM)
GLSA-201203-16 (vendor-advisory, x_refsource_GENTOO)
74211 (x_refsource_OSVDB, vdb-entry)
FEDORA-2011-10503 (x_refsource_FEDORA, vendor-advisory)
45131 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
[oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 (mailing-list, x_refsource_MLIST)
secalert@redhat.com (x_refsource_CONFIRM)