ID CVE-2011-2915
Summary Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments.
References
Vulnerable Configurations
  • cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8:*:*:*:*:*:*:*
  • cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:konstanty_bialkowski:libmodplug:0.8.8.3:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 29-08-2017 - 01:29)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
  • Vector: NETWORK
  • Complexity: MEDIUM
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 728371
title = 0.8.8.3
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304025
    • OR
      • AND
        • comment gstreamer-plugins is earlier than 0:0.8.5-1.EL.4
          oval oval:com.redhat.rhsa:tst:20111264001
        • comment gstreamer-plugins is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20090270002
      • AND
        • comment gstreamer-plugins-devel is earlier than 0:0.8.5-1.EL.4
          oval oval:com.redhat.rhsa:tst:20111264003
        • comment gstreamer-plugins-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20090270004
rhsa
id RHSA-2011:1264
released 2011-09-06
severity Important
title RHSA-2011:1264: gstreamer-plugins security update (Important)
rpms
  • gstreamer-plugins-0:0.8.5-1.EL.4
  • gstreamer-plugins-debuginfo-0:0.8.5-1.EL.4
  • gstreamer-plugins-devel-0:0.8.5-1.EL.4
refmap via4
bid 48979
confirm
debian DSA-2415
fedora
  • FEDORA-2011-10503
  • FEDORA-2011-12370
gentoo
  • GLSA-201203-14
  • GLSA-201203-16
mlist
  • [oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3
  • [oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3
osvdb 74210
secunia
  • 45131
  • 45658
  • 45742
  • 45901
  • 46032
  • 46043
  • 46793
  • 48058
  • 48434
  • 48439
suse openSUSE-SU-2011:0943
ubuntu USN-1255-1
xf libmodplug-csoundfile-code-exec(68987)
Last major update 29-08-2017 - 01:29
Published 07-06-2012 - 19:55
Last modified 29-08-2017 - 01:29