Extended Module Player (XMP) 2.5.1 and previous versions allow remote malicious users to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) test_oxm and (2) decrunch_oxm functions in misc/oxm.c, leading to a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
claudio matsuoka extended module player 2.4.1 |
||
claudio matsuoka extended module player 2.4.0 |
||
claudio matsuoka extended module player 2.3.2 |
||
claudio matsuoka extended module player 2.3.1 |
||
claudio matsuoka extended module player |
||
claudio matsuoka extended module player 2.2.1 |
||
claudio matsuoka extended module player 2.5.0 |
||
claudio matsuoka extended module player 2.3.0 |
||
claudio matsuoka extended module player 2.2.0 |