← voltar
CVE-2006-4192

CVE-2006-4192

EPSS 8.3%
Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and (2) crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files.
Produtos afetados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/2160não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://aluigi.altervista.org/adv/mptho-adv.txthttp://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=bc2cdd57d549ab3ba59782e9b395d0cd683fd3achttps://bugzilla.redhat.com/show_bug.cgi?id=497154http://secunia.com/advisories/21418http://secunia.com/advisories/22080http://secunia.com/advisories/22658http://secunia.com/advisories/23294http://secunia.com/advisories/23555http://secunia.com/advisories/26979http://security.gentoo.org/glsa/glsa-200612-04.xmlhttp://securityreason.com/securityalert/1397https://exchange.xforce.ibmcloud.com/vulnerabilities/28305