6 results (0.005 seconds)

CVSS: 9.3EPSS: 8%CPEs: 1EXPL: 0

04 Aug 2010 — Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and IT_ProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995. Múltiples desbordamientos de búfer basados en pila en loaders/load_it.c de l... • http://secunia.com/advisories/40799 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

04 Aug 2010 — loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly account for the larger size of name##env relative to name##tick and name##node, which allows remote attackers to trigger a buffer over-read and possibly have unspecified other impact via a crafted Impulse Tracker file, a related issue to CVE-2010-2546. NOTE: this issue exists because of an incomplete fix for CVE-2009-3995. oaders/load_it.c en libmikmod, posiblemente v3.1.12, no considera adecuadamente los tamaños grandes de name##env en rela... • http://secunia.com/advisories/48244 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 9%CPEs: 97EXPL: 0

18 Dec 2009 — Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file. Desbordamiento de búfer en la región heap de la memoria en la biblioteca IN_MOD. DLL (también se conoce como el Plug-in Module Decoder) en Winamp anterior a versión 5.57, y libmikmod versión 3.1.12, podría permitir a los atacantes remotos ejecutar código arbitrario por medio de un archivo Ultratracker. • http://forums.winamp.com/showthread.php?threadid=315355 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 9%CPEs: 97EXPL: 0

18 Dec 2009 — Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de búfer en la región heap de la memoria en la biblioteca IN_MOD. DLL (también se conoce como el Plug-in Module Decoder) en Winamp anterior a... • http://forums.winamp.com/showthread.php?threadid=315355 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 1%CPEs: 19EXPL: 0

20 Jan 2009 — libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels. libmikmod v3.1.9 hasta v3.2.0, utilizado por MikMod, SDL-mixer, y posiblemente otros productos, se basa en los canales de la últim... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422021 •

CVSS: 7.5EPSS: 2%CPEs: 19EXPL: 0

20 Jan 2009 — libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file. libmikmod v3.1.11 hasta v3.2.0, como el utilizado por MikMod y posiblemente otros productos, permite a atacantes ayudados por el usuario provocar una denegación de servicio (caida de aplicación) cargando un fichero XM. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339 •