CVE-2006-4192 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-4192
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4192

Description: Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and (2) crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28305 http://xforce.iss.net/xforce/xfdb/28309 UBUNTU http://www.ubuntu.com/usn/usn-521-1 SUSE http://www.novell.com/linux/security/advisories/2006_23_sr.html SREASON http://securityreason.com/securityalert/1397 SAID Secunia Advisory: SA26979 Secunia Advisory: SA23555 Secunia Advisory: SA23294 Secunia Advisory: SA22080 Secunia Advisory: SA22658 Secunia Advisory: SA21418 MISC http://aluigi.altervista.org/adv/mptho-adv.txt MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:001 GENTOO http://security.gentoo.org/glsa/glsa-200612-04.xml BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/442721/100/100/threaded BID 19448

Return to the previous page.