63 matches found
PT-2010-1121 · Libmikmod +2 · Libmikmod +2
Name of the Vulnerable Software and Affected Versions: libmikmod versions prior to 3.2.0 beta2-r3 Description: The issue is related to multiple heap-based buffer overflows in the loaders/load it.c file of libmikmod. This could potentially allow remote attackers to execute arbitrary code via craft...
Debian Security Advisory DSA 2071-1 (libmikmod)
The remote host is missing an update to libmikmod announced via advisory DSA 2071-1. OpenVAS Vulnerability Test $Id: deb20711.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2071-1 libmikmod Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
DSA-2071-1 libmikmod - several vulnerabilities
Bulletin has no description...
openSUSE Security Update : libmikmod (openSUSE-SU-2010:0209-1)
Specially crafted 'Impulse Tracker' and 'Ultratracker' files could cause a heap based buffer overflow in libmikmod. Attackers could exploit that to crash or potentially execute code in applications linking against libmikmod CVE-2009-3995, CVE-2009-3996. %NASLMINLEVEL 70300 C Tenable Network...
Heap overflow
Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...
CVE-2009-3995
Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...
DEBIAN-CVE-2009-3995
Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...
CVE-2009-3995
Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...
CVE-2009-3995
Summary (CVE-2009-3995) : The issue arises from multiple heap-based buffer overflows in MikMod (libmikmod, loaders/load_it.c, possibly version 3.1.12) used by Impulse Tracker-compatible formats. Exploitation via specially crafted Impulse Tracker samples or instrument definitions could allow a rem...
CVE-2009-3995
Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...
CVE-2009-3995
Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...
Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow
====================================================================== Secunia Research 17/12/2009 - Winamp Impulse Tracker Sample Parsing Buffer Overflow - ====================================================================== Table of Contents Affected...
Nullsoft WinAmp multiple security vulnerabilities
Buffer overflows and integer overflows on Oktalyzer, Ultratracker, Impulse Tracker files parsing, JPEG, PNG...
CVE-2007-1922
The Impulse Tracker IT and ScreamTracker 3 S3M modules in INMOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted 1 .IT or 2 .S3M file containing integer values that are used as memory offsets, which triggers memory corruption...
Memory corruption
The Impulse Tracker IT and ScreamTracker 3 S3M modules in INMOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted 1 .IT or 2 .S3M file containing integer values that are used as memory offsets, which triggers memory corruption...
CVE-2007-1922
CVE-2007-1922 affects AOL Nullsoft Winamp 5.33, specifically the IT and S3M modules in IN_MOD.DLL. A crafted .IT or .S3M file containing integer values used as memory offsets can trigger memory corruption, enabling remote attackers to execute arbitrary code. Risk assessment and exact exploitation...
CVE-2007-1922
The Impulse Tracker IT and ScreamTracker 3 S3M modules in INMOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted 1 .IT or 2 .S3M file containing integer values that are used as memory offsets, which triggers memory corruption...
GLSA-200608-14 : DUMB: Heap buffer overflow
The remote host is affected by the vulnerability described in GLSA-200608-14 DUMB: Heap buffer overflow Luigi Auriemma found a heap-based buffer overflow in the itreadenvelope function which reads the envelope values for volume, pan and pitch of the instruments referenced in a '.it' Impulse Track...
DEBIAN-CVE-2006-3668
Heap-based buffer overflow in the itreadenvelope function in Dynamic Universal Music Bibliotheque DUMB 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" Impulse Tracker file with an envelope with a large numbe...
CVE-2006-3668
Heap-based buffer overflow in the itreadenvelope function in Dynamic Universal Music Bibliotheque DUMB 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" Impulse Tracker file with an envelope with a large numbe...