CVE-2006-3879
published 2006-07-27CVE-2006-3879: Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service…
PriorityP424medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
9.29%
94.7th percentile
Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libmikmod | — | — |
| miod_vallat | mikmod | — | — |
| miod_vallat | mikmod | — | — |
| miod_vallat | mikmod | — | — |
| miod_vallat | mikmod | — | — |
| miod_vallat | mikmod | — | — |
| miod_vallat | mikmod | — | — |
| miod_vallat | mikmod | — | — |
| miod_vallat | mikmod | — | — |
| miod_vallat | mikmod | — | — |
| miod_vallat | mikmod | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-v845-c7g6-vv56: Integer overflow in the loadChunk function in loaders/load_gt2
ghsa_unreviewed·2022-05-01
CVE-2006-3879 [MEDIUM] GHSA-v845-c7g6-vv56: Integer overflow in the loadChunk function in loaders/load_gt2
Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk.
Debian
CVE-2006-3879: libmikmod - Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in...
vendor_debian·2006·CVSS 5.0
CVE-2006-3879 [MEDIUM] CVE-2006-3879: libmikmod - Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in...
Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
Red Hat
CVE-2006-3879: Integer overflow in the loadChunk function in loaders/load_gt2
vendor_redhat·CVSS 5.0
CVE-2006-3879 [MEDIUM] CVE-2006-3879: Integer overflow in the loadChunk function in loaders/load_gt2
Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk.
Statement: This issue does not affect versions of Mikmod 3.2.0-beta2 or prior. Versions of Mikmod distributed with Red Hat Enterprise Linux 2.1, 3, and 4 are based on version 3.1.11 and are therefore not vulnerable to this issue.
No detection rules found.
No writeups or analysis indexed.
http://aluigi.altervista.org/adv/lmmgt2ho-adv.txthttp://aluigi.org/poc/lmmgt2ho.ziphttp://secunia.com/advisories/21196http://securityreason.com/securityalert/1288http://www.securityfocus.com/archive/1/441006/100/0/threadedhttp://www.securityfocus.com/bid/19134http://www.vupen.com/english/advisories/2006/2967http://aluigi.altervista.org/adv/lmmgt2ho-adv.txthttp://aluigi.org/poc/lmmgt2ho.ziphttp://secunia.com/advisories/21196http://securityreason.com/securityalert/1288http://www.securityfocus.com/archive/1/441006/100/0/threadedhttp://www.securityfocus.com/bid/19134http://www.vupen.com/english/advisories/2006/2967
2006-07-27
Published