Pardus: 2011-112: libmodplug: Multiple - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 20th, 2013

Linux Advisory Watch: May 17th, 2013

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Pardus: 2011-112: libmodplug: Multiple

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas

Multiple vulnerabilities have been fixed in libmodplug.

------------------------------------------------------------------------
Pardus Linux Security Advisory 2011-112           security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2011-09-05
      Type: Local
------------------------------------------------------------------------

Summary
======
Multiple vulnerabilities have been fixed in libmodplug.


Description
==========
CVE-2011-2911:

An integer overflow error  exists  within  the  "CSoundFile::ReadWav()"
function (src/load_wav.cpp) when processing certain WAV files. This can
be exploited to cause a heap-based buffer overflow by tricking  a  user
into opening a specially

crafted WAV file.



CVE-2011-2912:

Boundary   errors within   the    "CSoundFile::ReadS3M()"    function
(src/load_s3m.cpp) when processing S3M files can be exploited to  cause
stack-based buffer overflows by tricking a user into opening a specially
crafted S3M file.



CVE-2011-2913:

An  off-by-one error  within  the   "CSoundFile::ReadAMS()"   function
(src/load_ams.cpp) can be exploited to  cause  a  stack  corruption  by
tricking a user into opening a specially crafted AMS file.



CVE-2011-2914:

An  off-by-one error  within  the   "CSoundFile::ReadDSM()"   function
(src/load_dms.cpp) can be exploited to cause  a  memory  corruption  by
tricking a user into opening a specially crafted DSM file.



CVE-2011-2915:

An  off-by-one error  within  the  "CSoundFile::ReadAMS2()"   function
(src/load_ams.cpp) can be exploited to cause  a  memory  corruption  by
tricking a user into opening a specially crafted AMS file.



Affected packages:

  Pardus 2009:
    libmodplug, all before 0.8.7-7-7
  Pardus 2011:
    libmodplug, all before 0.8.8.1-7


Resolution
=========
There are update(s) for libmodplug. You can  update  them  via  Package
Manager or with a single command from console:

  Pardus 2009:
    pisi up libmodplug

  Pardus 2011:
    pisi up libmodplug


References
=========
  * http://bugs.pardus.org.tr/show_bug.cgi?id917

------------------------------------------------------------------------