DEBIAN-CVE-2007-6731

Extended Module Player XMP 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in 1 testoxm and 2 decrunchoxm functions in misc/oxm.c, leading to a buffer overflow...

CVE-2007-6732

Multiple buffer overflows in the dttload function in loaders/dttload.c Extended Module Player XMP 2.5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors related to an untrusted length value and the 1 pofs and 2 plen arrays...

DEBIAN-CVE-2007-6732

Multiple buffer overflows in the dttload function in loaders/dttload.c Extended Module Player XMP 2.5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors related to an untrusted length value and the 1 pofs and 2 plen arrays...

CVE-2007-6731

Extended Module Player XMP 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in 1 testoxm and 2 decrunchoxm functions in misc/oxm.c, leading to a buffer overflow...

CVE-2007-6731

CVE-2007-6731 affects Extended Module Player (XMP) up to version 2.5.1 and earlier. The vulnerability arises in the OXM loader: a negative value in an OXM file bypasses checks in test_oxm and decrunch_oxm in misc/oxm.c, causing a buffer overflow. This leads to remote code execution risks as descr...

Extended Module Player oxm.c及dtt_load.c文件多个本地溢出漏洞

BUGTRAQ ID: 27047 Extended Module Player（XMP）是用于播放老式MOD文件的命令行播放器。 XMP实现上存在多个缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 --------------------------------------------- A testoxm/decrunchoxm缓冲区溢出 --------------------------------------------- 由于可以绕过ilen...

Extended Module Player (xmp) 'oxm.c'和'dtt_load.c'缓冲区溢出漏洞

Extended Module Player xmp是一款命令行播放程序。 Extended Module Player xmp存在多个缓冲区溢出问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题一是testoxm / decrunchoxm处理OXM文件格式存在缓冲区溢出。 问题二是dttload处理pofs和plen数组存在缓冲区溢出。 Extended Module Player xmp 2.5.1 厂商解决方案 ----------- 目前没有详细解决方案提供： http://xmp.sourceforge.net/ 可参考如下测试程序：...

Buffer-overflow in Extended Module Player 2.5.1

Luigi Auriemma Application: Extended Module Player XMP http://xmp.sourceforge.net Versions: = 2.5.1 Platforms: Linux, BSD, Solaris, HP-UX, MacOS X, QNX, BeOS, Windows, OS/2 and AmigaOS Bugs: A buffer-overflow in testoxm / decrunchoxm B buffer-overflow in dttload Exploitation: local Date: 27 Dec...

Extended Module Player (xmp) 2.5.1 - 'oxm.c' / 'dtt_load.c' Multiple Local Buffer Overflow Vulnerabilities

// source: https://www.securityfocus.com/bid/27047/info Extended Module Player xmp is prone to multiple local buffer-overflow vulnerabilities because it fails to perform adequate boundary checks before copying user-supplied input into an insufficiently sized buffer. These issues occur when the...