CVE-2009-0179

Related Files

Ubuntu Security Notice 995-1

Posted Sep 29, 2010

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 995-1 - It was discovered that libMikMod incorrectly handled songs with different channel counts. If a user were tricked into opening a crafted song file, an attacker could cause a denial of service. It was discovered that libMikMod incorrectly handled certain malformed XM files. If a user were tricked into opening a crafted XM file, an attacker could cause a denial of service. It was discovered that libMikMod incorrectly handled certain malformed Impulse Tracker files. If a user were tricked into opening a crafted Impulse Tracker file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libMikMod incorrectly handled certain malformed Ultratracker files. If a user were tricked into opening a crafted Ultratracker file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2007-6720, CVE-2009-0179, CVE-2009-3995, CVE-2009-3996, CVE-2010-2546, CVE-2010-2971

SHA-256 | 9fbe97802b0f6034e15d8b2e60e735a5af1fd215ef2bf8dd418a7a6cbff53f53

Download | Favorite | View

Mandriva Linux Security Advisory 2009-272

Posted Dec 7, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-272 - libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels. libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file. This update fixes these vulnerabilities. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, denial of service, vulnerability

systems | linux, mandriva

advisories | CVE-2007-6720, CVE-2009-0179

SHA-256 | b70ec413351c633314d696a02e7ca0c83e7fdea72093d7c0244793d3256a2f43

Download | Favorite | View

Mandriva Linux Security Advisory 2009-272

Posted Oct 12, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-272 - libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels. libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file. This update fixes these vulnerabilities.

tags | advisory, denial of service, vulnerability

systems | linux, mandriva

advisories | CVE-2007-6720, CVE-2009-0179

SHA-256 | ac59271992e5eb34115a5371afea04b609727df16b03ae54d054c02a8bba5596

Download | Favorite | View