ID |
CVE-2011-2911
|
Summary |
Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*
-
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*
-
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*
-
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*
-
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*
-
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*
-
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*
-
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.2:*:*:*:*:*:*:*
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.2:*:*:*:*:*:*:*
-
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.3:*:*:*:*:*:*:*
cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.3:*:*:*:*:*:*:*
|
CVSS |
Base: | 6.8 (as of 13-02-2023 - 04:32) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-189 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
redhat
via4
|
advisories | | rpms | - gstreamer-plugins-0:0.8.5-1.EL.4
- gstreamer-plugins-debuginfo-0:0.8.5-1.EL.4
- gstreamer-plugins-devel-0:0.8.5-1.EL.4
|
|
refmap
via4
|
bid | 48979 | confirm | | debian | DSA-2415 | fedora | - FEDORA-2011-10503
- FEDORA-2011-12370
| gentoo | - GLSA-201203-14
- GLSA-201203-16
| mlist | - [oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3
- [oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3
| osvdb | 74208 | secunia | - 45131
- 45658
- 45742
- 45901
- 46032
- 46043
- 46793
- 48058
- 48434
- 48439
| suse | openSUSE-SU-2011:0943 | ubuntu | USN-1255-1 | xf | libmodplug-wav-bo(68983) |
|
Last major update |
13-02-2023 - 04:32 |
Published |
07-06-2012 - 19:55 |
Last modified |
13-02-2023 - 04:32 |