Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2914

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-2914
Last Modified 08 Jun 2012 09:50:02
Published 07 Jun 2012 03:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2914

Summary

Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples.

Vulnerable Systems

Application

  • Konstanty Bialkowski Libmodplug 0.8

  • Konstanty Bialkowski Libmodplug 0.8.4

  • Konstanty Bialkowski Libmodplug 0.8.5

  • Konstanty Bialkowski Libmodplug 0.8.6

  • Konstanty Bialkowski Libmodplug 0.8.7

  • Konstanty Bialkowski Libmodplug 0.8.8

  • Konstanty Bialkowski Libmodplug 0.8.8.1

  • Konstanty Bialkowski Libmodplug 0.8.8.2

  • Konstanty Bialkowski Libmodplug 0.8.8.3


References

XF - libmodplug-dsm-code-execution(68986)

BID - 48979

OSVDB - 74211

MLIST - [oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3

MLIST - [oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3

GENTOO - GLSA-201203-16

GENTOO - GLSA-201203-14

DEBIAN - DSA-2415

UBUNTU - USN-1255-1

CONFIRM - http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/

SECUNIA - 48439

SECUNIA - 48434

SECUNIA - 48058

SECUNIA - 46793

SECUNIA - 46043

SECUNIA - 46032

SECUNIA - 45901

SECUNIA - 45742

SECUNIA - 45658

SECUNIA - 45131

REDHAT - RHSA-2011:1264

CONFIRM - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef

SUSE - openSUSE-SU-2011:0943

FEDORA - FEDORA-2011-12370

FEDORA - FEDORA-2011-10503

CONFIRM - http://jira.atheme.org/browse/AUDPLUG-394


Last Updated: 27 May 2016 10:56:30