Konstanty Bialkowski : Security Vulnerabilities, CVEs, Published In 2012 (Code Execution)
Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments.
Max CVSS
6.8
EPSS Score
5.61%
Published
2012-06-07
Updated
2023-02-13
Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples.
Max CVSS
6.8
EPSS Score
5.61%
Published
2012-06-07
Updated
2023-02-13
Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples.
Max CVSS
6.8
EPSS Score
5.61%
Published
2012-06-07
Updated
2023-02-13
Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset.
Max CVSS
6.8
EPSS Score
5.05%
Published
2012-06-07
Updated
2023-02-13
Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow.
Max CVSS
6.8
EPSS Score
5.37%
Published
2012-06-07
Updated
2023-02-13
Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.8
EPSS Score
25.64%
Published
2012-06-07
Updated
2023-02-13
6 vulnerabilities found