Unrated severityNVD Advisory· Published Aug 5, 2010· Updated Apr 29, 2026
CVE-2010-2546
CVE-2010-2546
Description
Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and IT_ProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995.
Affected products
1- cpe:2.3:a:raphael_assenat:libmikmod:3.1.12:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- secunia.com/advisories/40799nvdVendor Advisory
- www.vupen.com/english/advisories/2010/1957nvdVendor Advisory
- secunia.com/advisories/48244nvd
- security.gentoo.org/glsa/glsa-201203-10.xmlnvd
- sourceforge.net/tracker/nvd
- www.debian.org/security/2010/dsa-2081nvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/41917nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.