libmodplug 'load_pat.c' Remote Buffer Overflow Vulnerability

The libmodplug library is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will result in a denial-of-service condition.

This issue affects versions prior to libmodplug 0.8.7.

NOTE: Since the library is used in multiple projects (such as TTPlayer and gst-plugins-bad), other applications and versions may also be vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus