oss-sec mailing list archives

Re: CVE Request -- libmodplug

From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 21 May 2009 18:55:21 -0400 (EDT)


On Wed, 29 Apr 2009, Jan Lieskovsky wrote:

  apologize for not sending these all at once, but noticed
  the following one only today. There is another buffer
  overflow (DoS) vulnerability in libmodplug -- this time
  in PAT sample loader.


======================================================
Name: CVE-2009-1513
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513
Reference: 
CONFIRM:http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms;a=commitdiff;h=c4ebb701be6ee9a296a44fdac5a20b7739ff0595
Reference: CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=678622&group_id=1275
Reference: CONFIRM:http://sourceforge.net/tracker/?func=detail&aid=2777467&group_id=1275&atid=301275
Reference: UBUNTU:USN-771-1
Reference: URL:http://www.ubuntu.com/usn/USN-771-1
Reference: BID:34747
Reference: URL:http://www.securityfocus.com/bid/34747
Reference: OSVDB:54109
Reference: URL:http://osvdb.org/54109
Reference: SECUNIA:34927
Reference: URL:http://secunia.com/advisories/34927
Reference: SECUNIA:35026
Reference: URL:http://secunia.com/advisories/35026
Reference: VUPEN:ADV-2009-1200
Reference: URL:http://www.vupen.com/english/advisories/2009/1200

Buffer overflow in the PATinst function in src/load_pat.cpp in
libmodplug before 0.8.7 allows user-assisted remote attackers to cause
a denial of service and possibly execute arbitrary code via a long
instrument name.

Current thread:

CVE Request -- libmodplug Jan Lieskovsky (Apr 21)
- Re: CVE Request -- libmodplug Jan Lieskovsky (Apr 27)
  - Re: CVE Request -- libmodplug Jan Lieskovsky (Apr 29)
    - Re: CVE Request -- libmodplug Steven M. Christey (May 21)
- Re: CVE Request -- libmodplug Steven M. Christey (May 21)