Mandriva Linux Security Advisory : libmikmod (MDVSA-2010:151)

A vulnerability has been discovered and corrected in libmikmod : Multiple heap-based buffer overflows might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file CVE-2009-3995. Packages for 2008.0 and 2009.0 are...

DEBIAN-CVE-2010-2546

Multiple heap-based buffer overflows in loaders/loadit.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and ITProcessEnvelope. NOTE: some of thes...

CVE-2010-2546

Multiple heap-based buffer overflows in loaders/loadit.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and ITProcessEnvelope. NOTE: some of thes...

Heap overflow

Multiple heap-based buffer overflows in loaders/loadit.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and ITProcessEnvelope. NOTE: some of thes...

DEBIAN-CVE-2009-3995

Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...

CVE-2009-3995

Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...

CVE-2009-3995

Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...

CVE-2009-3995

Multiple heap-based buffer overflows in INMOD.DLL aka the Module Decoder Plug-in in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details ar...