6 matches found
SUSE CVE-2006-3668
Heap-based buffer overflow in the itreadenvelope function in Dynamic Universal Music Bibliotheque DUMB 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" Impulse Tracker file with an envelope with a large numbe...
Gentoo Security Advisory GLSA 200608-14 (dumb)
The remote host is missing updates announced in advisory GLSA 200608-14. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1123-1 : libdumb - buffer overflow
Luigi Auriemma discovered that DUMB, a tracker music library, performs insufficient sanitising of values parsed from IT music files, which might lead to a buffer overflow and execution of arbitrary code if manipulated files are read. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
[Full-disclosure] [SECURITY] [DSA 1123-1] New libdumb packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1123-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 24th, 2006 http://www.debian.org/security/faq -...
CVE-2006-3668
CVE-2006-3668 describes a heap-based buffer overflow in DUMB (Dynamic Universal Music Bibliotheque) libdumb affecting 0.9.3 and earlier (CVSS shows high impact). The vulnerability occurs in it_read_envelope when parsing IT files with a large number of nodes, potentially allowing arbitrary code ex...
CVE-2006-3668
Heap-based buffer overflow in the itreadenvelope function in Dynamic Universal Music Bibliotheque DUMB 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" Impulse Tracker file with an envelope with a large numbe...