Libmodplug Security Vulnerabilities and Issues — Libmodplug CVE List

Lucene search

Konstanty BialkowskiLibmodplug

10 matches found

CVE•added 2012/06/07 7:55 p.m.•64 views

CVE-2011-2912

Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset.

6.8CVSS7.8AI score0.0245EPSS

CVE•added 2012/06/07 7:55 p.m.•63 views

CVE-2011-2913

Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples.

6.8CVSS7.4AI score0.03971EPSS

CVE•added 2012/06/07 7:55 p.m.•62 views

CVE-2011-2915

Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments.

6.8CVSS7.4AI score0.08659EPSS

CVE•added 2009/05/04 4:30 p.m.•60 views

CVE-2009-1513

Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name.

6.8CVSS7.7AI score0.08341EPSS

CVE•added 2012/06/07 7:55 p.m.•60 views

CVE-2011-2911

Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow.

6.8CVSS7.8AI score0.0245EPSS

CVE•added 2012/06/07 7:55 p.m.•59 views

CVE-2011-1761

Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are ob...

6.8CVSS7.5AI score0.34997EPSS

CVE•added 2011/05/09 10:55 p.m.•58 views

CVE-2011-1574

Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file.

6.8CVSS7.7AI score0.67035EPSS

CVE•added 2012/06/07 7:55 p.m.•55 views

CVE-2011-2914

Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples.

6.8CVSS7.4AI score0.04899EPSS

CVE•added 2013/09/16 7:14 p.m.•54 views

CVE-2013-4234

Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.

6.8CVSS7.8AI score0.03086EPSS

CVE•added 2013/09/16 7:14 p.m.•44 views

CVE-2013-4233

Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow.

6.8CVSS7.9AI score0.02274EPSS