mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-26 09:28:10 +02:00
0xMarcio
863 B
863 B
CVE-2009-1438
Description
Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins, TTPlayer, and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted (1) song comment or (2) song name, which triggers a heap-based buffer overflow, as exploited in the wild in August 2008.