/[advisories]/11170.adv
ViewVC logotype

Contents of /11170.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 419 - (show annotations) (download)
Thu Sep 5 19:56:02 2013 UTC (10 years, 6 months ago) by davidwhodgins
File size: 757 byte(s)
Adding security advisory for libmodplug mga#11170
1 type: security
2 subject: Updated libmodplug packages fixes security vulnerabilities
3 CVE:
4 - CVE-2013-4233
5 - CVE-2013-4234
6 src:
7 2:
8 core:
9 - libmodplug-0.8.8.4-1.1.mga2
10 3:
11 core:
12 - libmodplug-0.8.8.4-3.1.mga3
13 description: |
14 An integer overflow within the "abc_set_parts()" function
15 (src/load_abc.cpp) can be exploited to corrupt heap memory via a specially
16 crafted ABC file (CVE-2013-4233).
17
18 An error within the "abc_MIDI_drum()" and "abc_MIDI_gchord()" functions
19 (src/load_abc.cpp) can be exploited to cause a buffer overflow via a
20 specially crafted ABC file (CVE-2013-4234).
21 references:
22 - https://bugs.mageia.org/show_bug.cgi?id=11170
23 - https://secunia.com/advisories/54388/
24 - http://www.debian.org/security/2013/dsa-2751

  ViewVC Help
Powered by ViewVC 1.1.30