CVE-2006-3668
CVE-2006-3668
Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" (Impulse Tracker) file with an envelope with a large number of nodes.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/2037unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://aluigi.altervista.org/adv/dumbit-adv.txthttp://secunia.com/advisories/21092http://secunia.com/advisories/21184http://secunia.com/advisories/21416http://securityreason.com/securityalert/1240https://exchange.xforce.ibmcloud.com/vulnerabilities/27789http://www.debian.org/security/2006/dsa-1123http://www.gentoo.org/security/en/glsa/glsa-200608-14.xmlhttp://www.securityfocus.com/bid/19025http://www.vupen.com/english/advisories/2006/2835