VDB
CVE-2011-2912
CVE-2011-2912
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset.
EPSS 2.14% · 84.6th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
2.14%
84.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| konstanty_bialkowski | libmodplug | 0, 0.8, 0.8.4 |
Timeline
- Jun 7, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- FEDORA-2011-12370 vendor-advisory
- [oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 mailing-list
- DSA-2415 vendor-advisory
- http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/ url
- GLSA-201203-16 vendor-advisory
- FEDORA-2011-10503 vendor-advisory
- 45131 third-party-advisory
- [oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 mailing-list
- 48058 third-party-advisory
- 46032 third-party-advisory
- 46793 third-party-advisory
- 48439 third-party-advisory
- 45742 third-party-advisory
- USN-1255-1 vendor-advisory
- http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=f4e5295658fff000379caa122e75c9200205fe20 url
- openSUSE-SU-2011:0943 vendor-advisory
- 48434 third-party-advisory
- libmodplug-s3m-bo(68984) vdb
- 48979 vdb
- GLSA-201203-14 vendor-advisory
…and 9 more