Loïc Minier
2007-Jan-22 16:51 UTC
[Secure-testing-team] Re: libmodplug: CVE-2006-4192: buffer/heap overflow -> arbitrary code execution as user
Hi, I noticed you reported this CVE against libmodplug: On Thu, Aug 17, 2006, Alec Berryman wrote:> CVE-2006-4192: "Multiple buffer overflows in MODPlug Tracker (OpenMPT) > 1.17.02.43 and earlier and libmodplug 0.8 and earlier allow > user-assisted remote attackers to execute arbitrary code via (1) long > strings in ITP files used by the CSoundFile::ReadITProject function in > soundlib/Load_it.cpp and (2) crafted modules used by the > CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated > by crafted AMF files."But gst-plugins-bad0.10 is affected as well. (I''ve filed a bug against gst-plugins-bad0.10, but it didn''t arrive yet.) Could you please add gst-plugins-bad0.10 to the embedded-code-copies file for libmodplug? (Please Cc: me, I''m not on the list.) Thanks, -- Lo?c Minier <lool@dooz.org>
Stefan Fritsch
2007-Jan-22 18:30 UTC
[Secure-testing-team] Re: libmodplug: CVE-2006-4192: buffer/heap overflow -> arbitrary code execution as user
On Monday 22 January 2007 16:32, Lo?c Minier wrote:> But gst-plugins-bad0.10 is affected as well. (I''ve filed a bug > against gst-plugins-bad0.10, but it didn''t arrive yet.) > > Could you please add gst-plugins-bad0.10 to the > embedded-code-copies file for libmodplug?Done. Thanks for notifying us. Cheers, Stefan