VYPR
← All advisories
Unrated severityNVD Advisory· Published Jan 20, 2009· Updated Apr 23, 2026

CVE-2007-6720

CVE-2007-6720

Description

libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

19
  • Mikmod/libmikmod19 versions
    cpe:2.3:a:igno_saitz:libmikmod:3.1.10-1:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.10-1:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.10-2:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.10-3:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.10-4:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.10-5:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-1:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-2:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-3:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-4:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-5:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.11-6:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.12:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-1:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-2:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-3:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-4:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-5:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.1.9-6:*:*:*:*:*:*:*
    • cpe:2.3:a:igno_saitz:libmikmod:3.2.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

10

News mentions

0

No linked articles in our index yet.