Описание
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | needed | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 0.4.9-1 |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | needed | |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | 0.4.9-1 |
Показывать по
10
Ссылки на источники
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
больше 6 лет назад
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
CVSS3: 9.8
debian
больше 6 лет назад
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_Instrument ...
7.5 High
CVSS2
9.8 Critical
CVSS3