Launchpad.net

CVE 2009-1513

Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name.

Related bugs and status

CVE-2009-1513 (Candidate) is related to these bugs:

Bug #375774: Fix vulnerabilities in libmodplug

Summary				In	Importance	Status
	375774	Fix vulnerabilities in libmodplug		The Dell Mini Project	Undecided	Confirmed

Bug #376035: USN-771-1's description mistake

Summary				In	Importance	Status
	376035	USN-771-1's description mistake		Ubuntu	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://modplug-xmms.gi...
BID: 34747
OSVDB: 54109
SECUNIA: 34927
VUPEN: ADV-2009-1200
UBUNTU: USN-771-1
SECUNIA: 35026
MLIST: [oss-security] 2009042...
CONFIRM: http://bugs.debian.org...
MANDRIVA: MDVSA-2009:128
GENTOO: GLSA-200907-07
SECUNIA: 35736
DEBIAN: DSA-1850
SECUNIA: 36158
CONFIRM: http://sourceforge.net...
CONFIRM: http://sourceforge.net...
CONFIRM: http://modplug-xmms.cv...