ALT-PU-2014-2126-1
Closed vulnerabilities
BDU:2015-09432
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2007-6720
libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422021
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422021
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461519
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461519
- SUSE-SR:2009:006
- SUSE-SR:2009:006
- [oss-security] 20090113 CVE Request -- libmikmod
- [oss-security] 20090113 CVE Request -- libmikmod
- 34259
- 34259
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- 33235
- 33235
- https://bugzilla.redhat.com/show_bug.cgi?id=479829
- https://bugzilla.redhat.com/show_bug.cgi?id=479829
- FEDORA-2009-9095
- FEDORA-2009-9095
- FEDORA-2009-9112
- FEDORA-2009-9112
Modified: 2009-09-02
CVE-2009-0179
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
Modified: 2018-10-10
CVE-2009-3995
Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.
- 37374
- http://forums.winamp.com/showthread.php?threadid=315355
- ADV-2009-3575
- http://secunia.com/secunia_research/2009-53/
- 37495
- http://secunia.com/secunia_research/2009-52/
- SUSE-SR:2010:011
- http://secunia.com/secunia_research/2009-55/
- ADV-2010-1107
- 40799
- ADV-2010-1957
- MDVSA-2010:151
- 20091217 Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows
- 20091217 Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow
Modified: 2018-10-10
CVE-2009-3996
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
Modified: 2023-11-07
CVE-2010-2546
Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and IT_ProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995.
Modified: 2018-01-05
CVE-2010-2971
loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly account for the larger size of name##env relative to name##tick and name##node, which allows remote attackers to trigger a buffer over-read and possibly have unspecified other impact via a crafted Impulse Tracker file, a related issue to CVE-2010-2546. NOTE: this issue exists because of an incomplete fix for CVE-2009-3995.