Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2009:128-1 | First vendor Publication | 2009-12-03 |
Vendor | Mandriva | Last vendor Modification | 2009-12-03 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple security vulnerabilities has been identified and fixed in libmodplug: Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted (1) song comment or (2) song name, which triggers a heap-based buffer overflow (CVE-2009-1438). Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name (CVE-2009-1513). The updated packages have been patched to prevent this. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:128-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13400 | |||
Oval ID: | oval:org.mitre.oval:def:13400 | ||
Title: | USN-771-1 -- libmodplug vulnerabilities | ||
Description: | It was discovered that libmodplug did not correctly handle certain parameters when parsing MED media files. If a user or automated system were tricked into opening a crafted MED file, an attacker could execute arbitrary code with privileges of the user invoking the program. Manfred Tremmel and Stanislav Brabec discovered that libmodplug did not correctly handle long instrument names when parsing PAT sample files. If a user or automated system were tricked into opening a crafted PAT file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. This issue only affected Ubuntu 9.04 | ||
Family: | unix | Class: | patch |
Reference(s): | USN-771-1 CVE-2009-1438 CVE-2009-1513 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 9.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | libmodplug |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13584 | |||
Oval ID: | oval:org.mitre.oval:def:13584 | ||
Title: | DSA-1851-1 gst-plugins-bad0.10 -- integer overflow | ||
Description: | It was discovered that gst-plugins-bad0.10, the GStreamer plugins from the "bad" set, is prone to an integer overflow when processing a MED file with a crafted song comment or song name. For the stable distribution, this problem has been fixed in version 0.10.7-2+lenny2. For the oldstable distribution, this problem has been fixed in version 0.10.3-3.1+etch3. For the testing distribution and the unstable distribution , gst-plugins-bad0.10 links against libmodplug. We recommend that you upgrade your gst-plugins-bad0.10 packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1851-1 CVE-2009-1438 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | gst-plugins-bad0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8279 | |||
Oval ID: | oval:org.mitre.oval:def:8279 | ||
Title: | DSA-1851 gst-plugins-bad0.10 -- integer overflow | ||
Description: | It was discovered that gst-plugins-bad0.10, the GStreamer plugins from the "bad" set, is prone to an integer overflow when processing a MED file with a crafted song comment or song name. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1851 CVE-2009-1438 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | gst-plugins-bad0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8306 | |||
Oval ID: | oval:org.mitre.oval:def:8306 | ||
Title: | DSA-1850 libmodplug -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in libmodplug, the shared libraries for mod music based on ModPlug. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that libmodplug is prone to an integer overflow when processing a MED file with a crafted song comment or song name. It was discovered that libmodplug is prone to a buffer overflow in the PATinst function, when processing a long instrument name. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1850 CVE-2009-1438 CVE-2009-1513 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libmodplug |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:128-1 (libmodplug) File : nvt/mdksa_2009_128_1.nasl |
2009-08-17 | Name : Debian Security Advisory DSA 1850-1 (libmodplug) File : nvt/deb_1850_1.nasl |
2009-08-17 | Name : Debian Security Advisory DSA 1851-1 (gst-plugins-bad0.10) File : nvt/deb_1851_1.nasl |
2009-07-29 | Name : Gentoo Security Advisory GLSA 200907-07 (libmodplug gst-plugins-bad) File : nvt/glsa_200907_07.nasl |
2009-07-06 | Name : SuSE Security Summary SUSE-SR:2009:012 File : nvt/suse_sr_2009_012.nasl |
2009-06-09 | Name : Mandrake Security Advisory MDVSA-2009:128 (libmodplug) File : nvt/mdksa_2009_128.nasl |
2009-06-05 | Name : Ubuntu USN-771-1 (libmodplug) File : nvt/ubuntu_771_1.nasl |
2009-05-05 | Name : Fedora Core 9 FEDORA-2009-4064 (libmodplug) File : nvt/fcore_2009_4064.nasl |
2009-05-05 | Name : Fedora Core 10 FEDORA-2009-4068 (libmodplug) File : nvt/fcore_2009_4068.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
54109 | libmodplug src/load_pat.c PATinst() Function Overflow |
53801 | libmodplug src/load_med.cpp CSoundFile::ReadMed() Function MED File Handling ... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1850.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1851.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_gstreamer010-plugins-bad-6251.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_gstreamer-0_10-plugins-bad-090515.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_gstreamer-0_10-plugins-bad-090514.nasl - Type : ACT_GATHER_INFO |
2009-07-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200907-07.nasl - Type : ACT_GATHER_INFO |
2009-06-05 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-128.nasl - Type : ACT_GATHER_INFO |
2009-05-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-771-1.nasl - Type : ACT_GATHER_INFO |
2009-04-28 | Name : The remote Fedora host is missing a security update. File : fedora_2009-4064.nasl - Type : ACT_GATHER_INFO |
2009-04-28 | Name : The remote Fedora host is missing a security update. File : fedora_2009-4068.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:40:20 |
|