In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
Max CVSS
9.8
EPSS Score
1.22%
Published
2019-10-04
Updated
2020-08-02
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
Max CVSS
6.5
EPSS Score
0.28%
Published
2019-07-30
Updated
2023-03-03
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
Max CVSS
6.5
EPSS Score
0.24%
Published
2019-07-30
Updated
2023-03-03
libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot.
Max CVSS
7.5
EPSS Score
0.15%
Published
2019-07-30
Updated
2019-08-05
libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files.
Max CVSS
6.5
EPSS Score
0.09%
Published
2019-07-30
Updated
2023-03-03
libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files.
Max CVSS
6.5
EPSS Score
0.23%
Published
2019-07-30
Updated
2019-09-29
libopenmpt before 0.3.13 allows a crash with malformed MED files.
Max CVSS
6.5
EPSS Score
0.15%
Published
2019-07-30
Updated
2023-03-03
soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation.
Max CVSS
8.8
EPSS Score
0.28%
Published
2018-06-04
Updated
2018-07-16
soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.
Max CVSS
6.5
EPSS Score
0.57%
Published
2018-04-11
Updated
2020-10-15
soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file.
Max CVSS
8.8
EPSS Score
0.29%
Published
2018-02-04
Updated
2020-10-15
soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples.
Max CVSS
7.8
EPSS Score
0.28%
Published
2017-07-17
Updated
2017-07-27
11 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!