Debian: DSA-2415-1: libmodplug security update

    Date21 Feb 2012
    CategoryDebian
    48
    Posted ByLinuxSecurity Advisories
    Several vulnerabilities that can lead to the execution of arbitrary code have been discovered in libmodplug, a library for mod music based on ModPlug. The Common Vulnerabilities and Exposures project identifies the following issues:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-2415-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
    	
    http://www.debian.org/security/                                Nico Golde
    February 21, 2012                      http://www.debian.org/security/faq
    - -------------------------------------------------------------------------
    
    Package        : libmodplug
    Vulnerability  : several
    Problem type   : local
    Debian-specific: no
    CVE ID         : CVE-2011-1761 CVE-2011-2911 CVE-2011-2912 CVE-2011-2913
                     CVE-2011-2914 CVE-2011-2915
    
    Several vulnerabilities that can lead to the execution of arbitrary code
    have been discovered in libmodplug, a library for mod music based on
    ModPlug.  The Common Vulnerabilities and Exposures project identifies
    the following issues:
    
    CVE-2011-1761
    
        epiphant discovered that the abc file parser is vulnerable to several
        stack-based buffer overflows that potentially lead to the execution
        of arbitrary code.
    
    CVE-2011-2911
    
        Hossein Lotfi of Secunia discovered that the CSoundFile::ReadWav
        function is vulnerable to an integer overflow which leads to a
        heap-based buffer overflow.  An attacker can exploit this flaw to
        potentially execute arbitrary code by tricking a victim into opening
        crafted WAV files.
    
    CVE-2011-2912
    
        Hossein Lotfi of Secunia discovered that the CSoundFile::ReadS3M
        function is vulnerable to a stack-based buffer overflow.  An attacker
        can exploit this flaw to potentially execute arbitrary code by
        tricking a victim into opening crafted S3M files.
    
    CVE-2011-2913
    
        Hossein Lotfi of Secunia discovered that the CSoundFile::ReadAMS
        function suffers from an off-by-one vulnerability that leads to 
        memory corruption.  An attacker can exploit this flaw to potentially
        execute arbitrary code by tricking a victim into opening crafted AMS
        files.
    
    CVE-2011-2914
    
        It was discovered that the CSoundFile::ReadDSM function suffers
        from an off-by-one vulnerability that leads to memory corruption.
        An attacker can exploit this flaw to potentially execute arbitrary
        code by tricking a victim into opening crafted DSM files.
    
    CVE-2011-2915
    
        It was discovered that the CSoundFile::ReadAMS2 function suffers
        from an off-by-one vulnerability that leads to memory corruption.
        An attacker can exploit this flaw to potentially execute arbitrary
        code by tricking a victim into opening crafted AMS files.
    
    
    For the stable distribution (squeeze), this problem has been fixed in
    version 1:0.8.8.1-1+squeeze2.
    
    For the testing (wheezy) and unstable (sid) distributions, this problem
    has been fixed in version 1:0.8.8.4-1.
    
    We recommend that you upgrade your libmodplug packages.
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"37","type":"x","order":"1","pct":51.39,"resources":[]},{"id":"88","title":"Should be more technical","votes":"10","type":"x","order":"2","pct":13.89,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"25","type":"x","order":"3","pct":34.72,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.