Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1574

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-1574
Last Modified 08 Jun 2012 11:32:58
Published 09 May 2011 06:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1574

Summary

Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file.

Vulnerable Systems

Application

  • Konstanty Bialkowski Libmodplug 0.8

  • Konstanty Bialkowski Libmodplug 0.8.4

  • Konstanty Bialkowski Libmodplug 0.8.5

  • Konstanty Bialkowski Libmodplug 0.8.6

  • Konstanty Bialkowski Libmodplug 0.8.7

  • Konstanty Bialkowski Libmodplug 0.8.8

  • Konstanty Bialkowski Libmodplug 0.8.8.1


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=695420

MLIST - [oss-security] 20110411 CVE request for libmodplug

MLIST - [oss-security] 20110411 Re: CVE request for libmodplug

CONFIRM - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=aecef259828a89bb00c2e6f78e89de7363b2237b

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622091

MISC - https://www.sec-consult.com/files/20110407-0_libmodplug_stackoverflow.txt

REDHAT - RHSA-2011:0477

MANDRIVA - MDVSA-2011:085

DEBIAN - DSA-2226

SECTRACK - 1025480

SREASON - 8243

UBUNTU - USN-1148-1

GENTOO - GLSA-201203-16

SECUNIA - 48434

SECUNIA - 44870


Last Updated: 27 May 2016 10:56:30