Lucene search
K
Konstanty BialkowskiLibmodplug

11 matches found

CVE
CVE
added 2012/06/07 7:0 p.m.91 views

CVE-2011-2912

CVE-2011-2912: In libmodplug, the CSoundFile::ReadS3M() implementation in src/load_s3m.cpp before version 0.8.8.4 is affected by a stack-based buffer overflow when processing crafted S3M files with an invalid offset. This can lead to denial of service and may allow arbitrary code execution. Other...

6.8CVSS7.8AI score0.04345EPSS
CVE
CVE
added 2012/06/07 7:0 p.m.89 views

CVE-2011-1761

CVE-2011-1761 affects libmodplug prior to 0.8.8.3, with multiple stack-based buffer overflows in the ABC loader paths (abc_new_macro and abc_new_umacro) in src/load_abc.cpp. The vulnerability allows remote attackers to crash the application and potentially execute arbitrary code via a crafted ABC...

6.8CVSS7.5AI score0.11082EPSS
CVE
CVE
added 2012/06/07 7:0 p.m.86 views

CVE-2011-2911

CVE-2011-2911 is a memory- safety vulnerability in the libmodplug library: an integer/heap-based overflow in CSoundFile::ReadWav (src/load_wav.cpp) before 0.8.8.4 can be triggered by a crafted WAV file, allowing remote denial of service and potentially arbitrary code execution. The issue affects ...

6.8CVSS7.8AI score0.04345EPSS
CVE
CVE
added 2009/04/27 5:43 p.m.84 views

CVE-2009-1438

CVE-2009-1438 concerns an integer overflow in libmodplug’s MED file handling (CSoundFile::ReadMed in src/load_med.cpp) prior to version 0.8.6. The issue enables a heap-based buffer overflow when processing a crafted MED file, by exploiting a crafted song comment or song name, and is/was present i...

7.5CVSS7.8AI score0.04667EPSS
CVE
CVE
added 2011/05/09 10:0 p.m.84 views

CVE-2011-1574

CVE-2011-1574 is a stack-based buffer overflow in ReadS3M (load_s3m.cpp) of the libmodplug library, prior to version 0.8.8.2. A crafted S3M file can trigger code execution on a vulnerable host. The issue is embedded in libmodplug and affects applications that bundle this library (e.g., VideoLAN V...

6.8CVSS7.7AI score0.42941EPSS
CVE
CVE
added 2012/06/07 7:0 p.m.81 views

CVE-2011-2913

CVE-2011-2913 is an off-by-one error in the CSoundFile::ReadAMS function (src/load_ams.cpp) in libmodplug before 0.8.8.4 that can be triggered by a crafted AMS file with a large number of samples, enabling denial of service (stack memory corruption) and potentially arbitrary code execution. Publi...

6.8CVSS7.4AI score0.04578EPSS
CVE
CVE
added 2012/06/07 7:0 p.m.78 views

CVE-2011-2915

CVE-2011-2915 describes an off-by-one error in libmodplug’s CSoundFile::ReadAMS2 (src/load_ams.cpp) prior to 0.8.8.4, which can be triggered by a crafted AMS file with many instruments to cause memory corruption, potentially enabling code execution or denial of service. Public references discuss ...

6.8CVSS7.4AI score0.04199EPSS
CVE
CVE
added 2009/05/04 4:12 p.m.76 views

CVE-2009-1513

CVE-2009-1513 is a buffer overflow in the PATinst function of libmodplug (src/load_pat.cpp) that can be triggered by a long instrument name, leading to denial of service and possibly remote code execution. Affected product: libmodplug (ModPlug-based lib); root cause: buffer overflow in PATinst ha...

6.8CVSS7.7AI score0.04105EPSS
CVE
CVE
added 2012/06/07 7:0 p.m.74 views

CVE-2011-2914

CVE-2011-2914 affects libmodplug’s DSM file handling: Off-by-one in CSoundFile::ReadDSM (src/load_dms.cpp) before 0.8.8.4 may allow a remote attacker to cause memory corruption, leading to denial of service and potential arbitrary code execution via crafted DSM files with many samples. Public rep...

6.8CVSS7.4AI score0.04583EPSS
CVE
CVE
added 2013/09/16 7:0 p.m.72 views

CVE-2013-4234

CVE-2013-4234 involves multiple heap-based buffer overflows in the abc_MIDI_drum and abc_MIDI_gchord functions within load_abc.cpp of libmodplug, affecting version 0.8.8.4 and earlier. The vulnerabilities can lead to memory corruption, a crash, and potentially remote code execution, i.e., a denia...

6.8CVSS7.8AI score0.04352EPSS
CVE
CVE
added 2013/09/16 7:0 p.m.62 views

CVE-2013-4233

CVE-2013-4233 affects libmodplug up to version 0.8.8.x (incl. 0.8.8.4) with an integer/heap overflow in load_abc.cpp when parsing crafted ABC headers, enabling potential remote denial of service and arbitrary code execution. Public advisories show that the fix is delivered by upgrading libmodplug...

6.8CVSS7.9AI score0.04083EPSS