|
|
CVE Reference: CVE-2006-4192 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-4192 |
|
|
Description: Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and (2) crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/28305 http://xforce.iss.net/xforce/xfdb/28309 UBUNTU http://www.ubuntu.com/usn/usn-521-1 SUSE http://www.novell.com/linux/security/advisories/2006_23_sr.html SREASON http://securityreason.com/securityalert/1397 SAID Secunia Advisory: SA21418 Secunia Advisory: SA22658 Secunia Advisory: SA22080 Secunia Advisory: SA23294 Secunia Advisory: SA23555 Secunia Advisory: SA26979 REDHAT MISC http://aluigi.altervista.org/adv/mptho-adv.txt MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:001 GENTOO http://security.gentoo.org/glsa/glsa-200612-04.xml CONFIRM http://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=bc2cdd57d549ab3ba59782e9b395d0cd683fd3ac BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/442721/100/100/threaded BID 19448 |
|
| Return to the previous page. |
