CVE-2011-2914
Publication date 6 October 2011
Last updated 24 July 2024
Ubuntu priority
Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples.
Status
Package | Ubuntu Release | Status |
---|---|---|
gst-plugins-bad0.10 | 11.10 oneiric |
Not affected
|
11.04 natty |
Not affected
|
|
10.10 maverick |
Not affected
|
|
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy | Ignored end of life | |
libmodplug | 11.10 oneiric |
Fixed 1:0.8.8.2-3ubuntu1.1
|
11.04 natty |
Fixed 1:0.8.8.1-2ubuntu0.3
|
|
10.10 maverick |
Fixed 1:0.8.8.1-1ubuntu1.3
|
|
10.04 LTS lucid |
Fixed 1:0.8.7-1ubuntu0.3
|
|
8.04 LTS hardy | Ignored end of life |
Patch details
Package | Patch details |
---|---|
libmodplug |
References
Related Ubuntu Security Notices (USN)
- USN-1255-1
- libmodplug vulnerabilities
- 9 November 2011