CVE-2013-4234

Multiple heap-based buffer overflows in the 1 abcMIDIdrum and 2 abcMIDIgchord functions in loadabc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service memory corruption and crash and possibly execute arbitrary code via a crafted ABC...

CVE-2013-4233

CVE-2013-4233 affects libmodplug up to version 0.8.8.x (incl. 0.8.8.4) with an integer/heap overflow in load_abc.cpp when parsing crafted ABC headers, enabling potential remote denial of service and arbitrary code execution. Public advisories show that the fix is delivered by upgrading libmodplug...

VLC Media Player ABC File Parts Field Parsing Heap Integer Overflow

A remote code execution vulnerability has been reported in the libmodplug library used by VLC Media Player. The vulnerability is due to an error while parsing Parts field in ABC files which can result in an integer overflow. A remote attacker can exploit this vulnerability by enticing an...

Mandriva Linux Security Advisory : libmodplug (MDVSA-2013:232)

Multiple vulnerabilities has been discovered and corrected in libmodplug : An integer overflow within the abcsetparts function src/loadabc.cpp can be exploited to corrupt heap memory via a specially crafted ABC file CVE-2013-4233. An error within the abcMIDIdrum and abcMIDIgchord functions...

MGASA-2013-0271 Updated libmodplug packages fixes security vulnerabilities

An integer overflow within the "abcsetparts" function src/loadabc.cpp can be exploited to corrupt heap memory via a specially crafted ABC file CVE-2013-4233. An error within the "abcMIDIdrum" and "abcMIDIgchord" functions src/loadabc.cpp can be exploited to cause a buffer overflow via a specially...

Updated libmodplug packages fixes security vulnerabilities

An integer overflow within the "abcsetparts" function src/loadabc.cpp can be exploited to corrupt heap memory via a specially crafted ABC file CVE-2013-4233. An error within the "abcMIDIdrum" and "abcMIDIgchord" functions src/loadabc.cpp can be exploited to cause a buffer overflow via a specially...

libmodplug security vulnerabilities

Few code execution possibilities...

[SECURITY] [DSA 2751-1] libmodplug security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2751-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 04, 2013 http://www.debian.org/security/faq -...

Debian DSA-2751-1 : libmodplug - several vulnerabilities

Several vulnerabilities have been discovered in libmodplug, a library for mod music based on ModPlug, that might allow arbitrary code execution when processing specially crafted ABC files through applications using the library, such as media players. %NASLMINLEVEL 70300 C Tenable Network Security...

[SECURITY] [DSA 2751-1] libmodplug security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2751-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 04, 2013 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2751-1 (libmodplug - several vulnerabilities)

Several vulnerabilities have been discovered in libmodplug, a library for mod music based on ModPlug, that might allow arbitrary code execution when processing specially-crafted ABC files through applications using the library, such as media players. OpenVAS Vulnerability Test $Id: deb2751.nasl...

DSA-2751-1 libmodplug - several

Bulletin has no description...

Debian: Security Advisory (DSA-2751-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VLC Media Player ABC File Instruction Field Parsing Heap Overflow

A remote code execution vulnerability has been reported in the libmodplug library used by VLC Media Player. The vulnerability is due to an error while parsing Instruction fields in ABC files with the style sheet directive "MIDI drum" or "MIDI gchord". Remote attackers could exploit this...

VideoLAN VLC Media Player Libmodplug ReadS3M Stack Overflow (CVE-2011-1574)

A buffer overread vulnerability has been reported in VideoLAN VLC Media Player. The vulnerability is due to error in ReadS3M method in loads3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file...

CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for gstreamer-plugins CESA-2011:0477 centos4 x86_64

Check for the Version of gstreamer-plugins OpenVAS Vulnerability Test CentOS Update for gstreamer-plugins CESA-2011:0477 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute ...

CentOS Update for gstreamer-plugins CESA-2011:0477 centos4 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2011-2912

Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/loads3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset...

CVE-2011-2912

Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/loads3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset...