Konstanty Bialkowski » Libmodplug : Security Vulnerabilities, CVEs, (Memory corruption)
Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.
Max CVSS
6.8
EPSS Score
7.11%
Published
2013-09-16
Updated
2016-12-31
Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments.
Max CVSS
6.8
EPSS Score
5.61%
Published
2012-06-07
Updated
2023-02-13
Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples.
Max CVSS
6.8
EPSS Score
5.61%
Published
2012-06-07
Updated
2023-02-13
Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples.
Max CVSS
6.8
EPSS Score
5.61%
Published
2012-06-07
Updated
2023-02-13
4 vulnerabilities found