
Impulse Tracker

Secunia Research: libmikmod Module Parsing Vulnerabilities

Secunia Research has discovered some vulnerabilities in libmikmod,
which can be exploited by malicious people to potentially compromise a
user's system.

1) Three boundary errors in the Impulse Tracker parser when parsing 
an instrument containing a column, panning, or pitch envelope with 
more than ENVPOINTS (32) points can result in a heap-based buffer 
overflow.

2) A boundary error in the Ultratracker parser when parsing a file 

[USN-995-1] libMikMod vulnerabilities

It was discovered that libMikMod incorrectly handled certain malformed XM
files. If a user were tricked into opening a crafted XM file, an attacker
could cause a denial of service. (CVE-2009-0179)

It was discovered that libMikMod incorrectly handled certain malformed
Impulse Tracker files. If a user were tricked into opening a crafted
Impulse Tracker file, an attacker could cause a denial of service or
possibly execute arbitrary code with the privileges of the user invoking
the program. (CVE-2009-3995, CVE-2010-2546, CVE-2010-2971)

It was discovered that libMikMod incorrectly handled certain malformed

Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows

====================================================================== 

                     Secunia Research 17/12/2009

    - Winamp Impulse Tracker Instrument Parsing Buffer Overflows -

====================================================================== 

[SECURITY] [DSA 2071-1] New libmikmod packages fix several vulnerabilities

Debian-specific: no
CVE Id(s)      : CVE-2009-3995 CVE-2009-3996

Dyon Balding discovered buffer overflows in the MikMod sound library, 
which could lead to the execution of arbitrary code if a user is 
tricked into opening malformed Impulse Tracker or Ultratracker sound 
files.

For the stable distribution (lenny), these problems have been fixed in
version 3.1.11-6+lenny1.


Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow

====================================================================== 

                     Secunia Research 17/12/2009

      - Winamp Impulse Tracker Sample Parsing Buffer Overflow -

====================================================================== 

[ MDVSA-2010:151 ] libmikmod

 A vulnerability has been discovered and corrected in libmikmod:
 
 Multiple heap-based buffer overflows might allow remote attackers
 to execute arbitrary code via (1) crafted samples or (2) crafted
 instrument definitions in an Impulse Tracker file (CVE-2009-3995).
 
 Packages for 2008.0 and 2009.0 are provided as of the Extended
 Maintenance Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490
 


