Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2911

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-2911
Last Modified 08 Jun 2012 12:00:00
Published 07 Jun 2012 03:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2911

Summary

Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • Konstanty Bialkowski Libmodplug 0.8

  • Konstanty Bialkowski Libmodplug 0.8.4

  • Konstanty Bialkowski Libmodplug 0.8.5

  • Konstanty Bialkowski Libmodplug 0.8.6

  • Konstanty Bialkowski Libmodplug 0.8.7

  • Konstanty Bialkowski Libmodplug 0.8.8

  • Konstanty Bialkowski Libmodplug 0.8.8.1

  • Konstanty Bialkowski Libmodplug 0.8.8.2

  • Konstanty Bialkowski Libmodplug 0.8.8.3


References

XF - libmodplug-wav-bo(68983)

BID - 48979

OSVDB - 74208

MLIST - [oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3

MLIST - [oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3

GENTOO - GLSA-201203-16

GENTOO - GLSA-201203-14

DEBIAN - DSA-2415

UBUNTU - USN-1255-1

CONFIRM - http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/

SECUNIA - 48439

SECUNIA - 48434

SECUNIA - 48058

SECUNIA - 46793

SECUNIA - 46043

SECUNIA - 46032

SECUNIA - 45901

SECUNIA - 45742

SECUNIA - 45658

SECUNIA - 45131

REDHAT - RHSA-2011:1264

CONFIRM - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=2d4c56de314ab13e4437bd8b609f0b751066eee8

SUSE - openSUSE-SU-2011:0943

FEDORA - FEDORA-2011-12370

FEDORA - FEDORA-2011-10503

CONFIRM - http://jira.atheme.org/browse/AUDPLUG-394


Last Updated: 27 May 2016 10:49:37