CVE-2007-6720
mikmod: crash or abort when loading/playing multiple files with different number of channels
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels.
libmikmod v3.1.9 hasta v3.2.0, utilizado por MikMod, SDL-mixer, y posiblemente otros productos, se basa en los canales de la última canción cargada, en lugar de la canción que se está reproduciendo, para ciertos cálculos de la reproducción, lo que permite a atacantes asistidos por el usuario provocar una denegación de servicio (caída de aplicación)cargando multiples canciones (también conocido como ficheros MOD) con diferentes números de canales.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-01-20 CVE Reserved
- 2009-01-20 CVE Published
- 2024-06-25 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422021 | X_refsource_confirm | |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461519 | X_refsource_misc | |
| http://openwall.com/lists/oss-security/2009/01/13/2 | Mailing List | |
| http://secunia.com/advisories/34259 | Third Party Advisory | |
| http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | X_refsource_confirm |
|
| http://www.securityfocus.com/bid/33235 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.9-1 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.9-1" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.9-2 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.9-2" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.9-3 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.9-3" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.9-4 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.9-4" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.9-5 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.9-5" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.9-6 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.9-6" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.10-1 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.10-1" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.10-2 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.10-2" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.10-3 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.10-3" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.10-4 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.10-4" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.10-5 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.10-5" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.11-1 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.11-1" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.11-2 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.11-2" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.11-3 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.11-3" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.11-4 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.11-4" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.11-5 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.11-5" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.11-6 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.11-6" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.1.12 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.1.12" | - |
Affected
| ||||||
| Igno Saitz Search vendor "Igno Saitz" | Libmikmod Search vendor "Igno Saitz" for product "Libmikmod" | 3.2.0 Search vendor "Igno Saitz" for product "Libmikmod" and version "3.2.0" | - |
Affected
| ||||||