Release date:
Updated on:
Affected Systems:
Libmodplug <= 0.8.8.4
Description:
--------------------------------------------------------------------------------
Libmodplug is an open-source function library used to play mod music formats.
Libmodplug 0.8.8.4 "abc_MIDI_drum ()" function (src/load_abc.cpp) and "abc_set_parts ()" function (src/load_abc.cpp) have errors in processing specially crafted ABC files, can be exploited to damage heap memory and cause buffer overflow.
<* Source: agixid
Link: http://secunia.com/advisories/54388/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Libmodplug
----------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://modplug-xmms.sourceforge.net/