[Secure-testing-team] Bug#526657: CVE-2009-1438: libmodplug "CSoundFile::ReadMed()" Integer Overflow Vulnerability
Giuseppe Iuculano
giuseppe at iuculano.it
Sat May 2 15:19:04 UTC 2009
Package: libmodplug
Version: 1:0.8.4-5
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for libmodplug:
CVE-2009-1438[1]
Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in
libmodplug before 0.8.6, as used in gstreamer-plugins and other products, allows
context-dependent attackers to execute arbitrary code via a MED file with a
crafted (1) song comment or (2) song name, which triggers a heap-based buffer
overflow.
Patch:[2]
If you fix the vulnerability please also make sure to include the CVE id
in the changelog entry.
[1]http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438
[2]http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.1&r2=1.3&view=patch
Cheers,
Giuseppe.
More information about the Secure-testing-team
mailing list