VYPR
Vendor

Konstanty Bialkowski

Products
2
CVEs
13
Across products
14
Status
Private

Products

2

Recent CVEs

13
  • CVE-2011-1574May 9, 2011
    risk 0.06cvss epss 0.43

    Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file.

  • CVE-2011-1761Jun 7, 2012
    risk 0.04cvss epss 0.11

    Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of…

  • CVE-2006-4192Aug 17, 2006
    risk 0.04cvss epss 0.08

    Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the…

  • CVE-2013-4234Sep 16, 2013
    risk 0.00cvss epss 0.04

    Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted…

  • CVE-2013-4233Sep 16, 2013
    risk 0.00cvss epss 0.04

    Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow.

  • CVE-2011-2915Jun 7, 2012
    risk 0.00cvss epss 0.04

    Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments.

  • CVE-2011-2914Jun 7, 2012
    risk 0.00cvss epss 0.05

    Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples.

  • CVE-2011-2913Jun 7, 2012
    risk 0.00cvss epss 0.05

    Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples.

  • CVE-2011-2912Jun 7, 2012
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset.

  • CVE-2011-2911Jun 7, 2012
    risk 0.00cvss epss 0.04

    Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow.

  • CVE-2009-1513May 4, 2009
    risk 0.00cvss epss 0.04

    Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name.

  • CVE-2009-1438Apr 27, 2009
    risk 0.00cvss epss 0.05

    Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins, TTPlayer, and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted (1) song comment or (2) song…

  • CVE-2006-3230Jun 27, 2006
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in index.tmpl in Azureus Tracker 2.4.0.2 and earlier (Java BitTorrent Client Tracker) allows remote attackers to inject arbitrary web script or HTML via the search parameter.