Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and previous versions and current CVS as of 20060716, including libdumb, allows user-assisted malicious users to execute arbitrary code via a ".it" (Impulse Tracker) file with an envelope with a large number of nodes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dynamic universal music bibliotheque dumb |