CVE-2010-2546Improper Restriction of Operations within the Bounds of a Memory Buffer in Libmikmod

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer12 documents7 sources
Severity
9.3CRITICALNVD
EPSS
7.2%
top 8.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Raphael Assenat LibmikmodDebian Libmikmod
Timeline
PublishedAug 5
Latest updateMay 14

Description

Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and IT_ProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

debiandebian/libmikmod< libmikmod 3.1.11-6.3 (bookworm)
Debianraphael_assenat/libmikmod< 3.1.11-6.3+3

🔴Vulnerability Details

4
GHSA
GHSA-5mrv-fmm3-qm6f: Multiple heap-based buffer overflows in loaders/load_it2022-05-14
GHSA
GHSA-7xx4-x85v-pc9j: loaders/load_it2022-05-14
OSV
CVE-2010-2546: Multiple heap-based buffer overflows in loaders/load_it2010-08-05
OSV
CVE-2010-2971: loaders/load_it2010-08-05

📋Vendor Advisories

5
Ubuntu
libMikMod vulnerabilities2010-09-29
Red Hat
libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files2010-02-05
Red Hat
libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files2010-02-05
Debian
CVE-2010-2546: libmikmod - Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly...2010
Debian
CVE-2010-2971: libmikmod - loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly account for t...2010

💬Community

1
Bugzilla
CVE-2009-3995 CVE-2009-3996 libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files2010-07-14