Vulnerability Name: | CVE-2011-1574 (CCN-66628) | ||||||||||||||||||||
Assigned: | 2011-04-07 | ||||||||||||||||||||
Published: | 2011-04-07 | ||||||||||||||||||||
Updated: | 2023-02-13 | ||||||||||||||||||||
Summary: | Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file. | ||||||||||||||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||
CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P) 5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
References: | Source: secalert@redhat.com Type: Patch secalert@redhat.com Source: MITRE Type: CNA CVE-2011-1574 Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: ModPlug XMMS Plugin Web site ModPlug XMMS Plugin Source: secalert@redhat.com Type: Exploit, Patch secalert@redhat.com Source: secalert@redhat.com Type: Exploit, Patch secalert@redhat.com Source: CCN Type: RHSA-2011-0477 Important: gstreamer-plugins security update Source: CCN Type: SA44054 libmodplug CSoundFile::ReadS3M() Buffer Overflow Vulnerability Source: CCN Type: SA44064 VLC Media Player libmodplug Buffer Overflow Vulnerability Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: DEBIAN Type: DSA-2226 libmodplug -- buffer overflow Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: OSVDB ID: 72143 libmodplug CSoundFile::ReadS3M() Function S3M File Handling Overflow Source: CCN Type: BID-47248 libmodplug 'S3M' Stack Based Buffer Overflow Vulnerability Source: secalert@redhat.com Type: Exploit, Patch secalert@redhat.com Source: XF Type: UNKNOWN libmodplug-csoundfile-bo(66628) Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [04-09-2011] Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [04-08-2011] Source: CCN Type: SEC Consult Vulnerability Lab Security Advisory < 20110407-0 > Libmodplug ReadS3M Stack Overflow Source: secalert@redhat.com Type: Exploit secalert@redhat.com Source: SUSE Type: SUSE-SR:2011:007 SUSE Security Summary Report Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com | ||||||||||||||||||||
Vulnerable Configuration: | Configuration RedHat 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
BACK |