In libopenmpt prior to 0.3.19 and 0.4.x prior to 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openmpt libopenmpt |