VDB

CVE-2006-4192

CVE-2006-4192 PUBLISHED

Reported by mitre · Published August 17, 2006

Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and (2) crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files.

Affected Products

VendorProductVersions
n/an/an/a
n/an/an/a, n/a, n/a

Timeline

  • Aug 17, 2006 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
  • Jun 20, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score

References

…and 1 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›