Unrated severityNVD Advisory· Published Feb 11, 2014· Updated Apr 29, 2026

CVE-2013-1980

Description

Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file.

Affected products

Extended Module Player Project/Extended Module Player5 versions
cpe:2.3:a:extended_module_player_project:extended_module_player:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:extended_module_player_project:extended_module_player:*:*:*:*:*:*:*:*range: <=4.0.4
- cpe:2.3:a:extended_module_player_project:extended_module_player:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:extended_module_player_project:extended_module_player:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:extended_module_player_project:extended_module_player:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:extended_module_player_project:extended_module_player:4.0.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sourceforge.net/p/xmp/libxmp/ci/a015fdfb478a60172fd225632a11bbd02870fc40nvdExploitPatch
build.opensuse.org/request/show/174356nvdExploitPatch
secunia.com/advisories/53114nvdVendor Advisory
sourceforge.net/projects/xmp/files/libxmp/4.1.0/Changelog/viewnvd
www.openwall.com/lists/oss-security/2013/04/22/12nvd
www.securityfocus.com/bid/59355nvd
bugzilla.redhat.com/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000