VDB
CVE-2011-2913
CVE-2011-2913
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples.
EPSS 2.46% · 85.5th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
2.46%
85.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| konstanty_bialkowski | libmodplug | 0, 0.8, 0.8.4 |
Timeline
- Jun 7, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- http://secunia.com/advisories/46032 advisory
- FEDORA-2011-12370 vendor-advisory
- [oss-security] 20120810 CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 mailing-list
- DSA-2415 vendor-advisory
- http://sourceforge.net/projects/modplug-xmms/files/libmodplug/0.8.8.4/ url
- GLSA-201203-16 vendor-advisory
- FEDORA-2011-10503 vendor-advisory
- 45131 third-party-advisory
- [oss-security] 20120812 Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 mailing-list
- http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms%3Ba=commitdiff%3Bh=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef url
- 48058 third-party-advisory
- 46793 third-party-advisory
- 48439 third-party-advisory
- 45742 third-party-advisory
- USN-1255-1 vendor-advisory
- openSUSE-SU-2011:0943 vendor-advisory
- 48434 third-party-advisory
- 48979 vdb
- GLSA-201203-14 vendor-advisory
- 45901 third-party-advisory
…and 9 more