CVE-2003-0427 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mikmod

8 documents7 sources

Severity

7.5HIGHNVD

EPSS

3.3%

top 12.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Miod Vallat Mikmod Debian Mikmod

Timeline

PublishedJul 24

Latest updateApr 29

Description

Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/mikmod< mikmod 3.1.6-6 (bookworm)

▶Debianmiod_vallat/mikmod< 3.1.6-6+3

▶NVDmiod_vallat/mikmod3.1.6

Patches

Patch: www.debian.org ↗Patch: www.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-3mcf-r5g4-57jg: Buffer overflow in mikmod 3↗2022-04-29

▶

OSV

CVE-2003-0427: Buffer overflow in mikmod 3↗2003-07-24

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Help Workshop 4.03.0002 - '.HPJ' Local Buffer Overflow↗2007-01-19

▶

Exploit-DB

Microsoft Help Workshop 4.03.0002 - '.cnt' Local Buffer Overflow↗2007-01-17

▶

📋Vendor Advisories

Red Hat

security flaw↗2003-06-13

▶

Debian

CVE-2003-0427: mikmod - Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute a...↗2003

▶

💬Community

Bugzilla

CVE-2003-0427 security flaw↗2018-08-16

▶