GNU Libextractor 1.6 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu libextractor 1.6 |