Debian Xmp vulnerabilities
3 known vulnerabilities affecting debian/xmp.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
LOW3
Vulnerabilities
Page 1 of 1
CVE-2007-6731P3LOWCVSS 10.0PoCfixed in xmp 2.6.1-1 (bookworm)2007
CVE-2007-6731 [CRITICAL] CVE-2007-6731: xmp - Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute...
Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) test_oxm and (2) decrunch_oxm functions in misc/oxm.c, leading to a buffer overflow.
Scope: local
bookworm: resolved (fixed in 2.6.1-1)
bullseye: resolved (fixed in 2.6.1-1)
forky: resolved (fixed in 2.6.1
debian
CVE-2007-6732P3LOWCVSS 10.0fixed in xmp 2.6.1-1 (bookworm)2007
CVE-2007-6732 [CRITICAL] CVE-2007-6732: xmp - Multiple buffer overflows in the dtt_load function in loaders/dtt_load.c Extende...
Multiple buffer overflows in the dtt_load function in loaders/dtt_load.c Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors related to an untrusted length value and the (1) pofs and (2) plen arrays.
Scope: local
bookworm: resolved (fixed in 2.6.1-1)
bullseye: resolved (fixed in 2.6.1-1)
forky: resolv
debian
CVE-2013-1980P4LOWCVSS 6.8fixed in xmp 3.4.0-3 (bookworm)2013
CVE-2013-1980 [MEDIUM] CVE-2013-1980: xmp - Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before...
Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file.
Scope: local
bookworm: resolved (fixed in 3.4.0-3)
bullseye: resolved (fixed in 3.4.0-3)
forky: resolved (fixed in 3.4.0-3)
sid: resolved (fixed in 3.4.0-3)
trixie: resolved (fixed in 3.4.0-3)
debian