GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Tue Sep 12, 2006 6:26 pm Post subject: [ GLSA 200609-06 ] AdPlug: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: AdPlug: Multiple vulnerabilities (GLSA 200609-06)
Severity: normal
Exploitable: local
Date: September 12, 2006
Bug(s): #139593
ID: 200609-06
Synopsis
Multiple heap and buffer overflows exist in AdPlug.
Background
AdPlug is a free, cross-platform, and hardware-independent AdLib sound
player library.
Affected Packages
Package: media-libs/adplug
Vulnerable: < 2.0.1
Unaffected: >= 2.0.1
Architectures: All supported architectures
Description
AdPlug is vulnerable to buffer and heap overflows when processing the
following types of files: CFF, MTK, DMO, U6M, DTM, and S3M.
Impact
By enticing a user to load a specially crafted file, an attacker could
execute arbitrary code with the privileges of the user running AdPlug.
Workaround
There are no known workarounds at this time.
Resolution
All AdPlug users should update to the latest version:
| Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/adplug-2.0.1" |
References
BugTraq Announcement
CVE-2006-3581
CVE-2006-3582
Last edited by GLSA on Fri Aug 08, 2014 4:23 am; edited 4 times in total |
|
News & Announcements
