Joined: 12 May 2004
|Posted: Tue Sep 12, 2006 6:26 pm Post subject: [ GLSA 200609-06 ] AdPlug: Multiple vulnerabilities
|Gentoo Linux Security Advisory
Title: AdPlug: Multiple vulnerabilities (GLSA 200609-06)
Date: September 12, 2006
Multiple heap and buffer overflows exist in AdPlug.
AdPlug is a free, cross-platform, and hardware-independent AdLib sound
Vulnerable: < 2.0.1
Unaffected: >= 2.0.1
Architectures: All supported architectures
AdPlug is vulnerable to buffer and heap overflows when processing the
following types of files: CFF, MTK, DMO, U6M, DTM, and S3M.
By enticing a user to load a specially crafted file, an attacker could
execute arbitrary code with the privileges of the user running AdPlug.
There are no known workarounds at this time.
All AdPlug users should update to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/adplug-2.0.1"
Last edited by GLSA on Mon May 31, 2010 4:22 am; edited 2 times in total