CVE-2007-6732

Extended Module Player <2.5.1 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Multiple buffer overflows in the dtt_load function in loaders/dtt_load.c Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors related to an untrusted length value and the (1) pofs and (2) plen arrays.

References (3)

Core 3
Core References
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0009
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27047

Scores

EPSS 0.0562
EPSS Percentile 92.1%

Details

CWE
CWE-119
Status published
Products (9)
claudio_matsuoka/extended_module_player 2.2.0
claudio_matsuoka/extended_module_player 2.2.1
claudio_matsuoka/extended_module_player 2.3.0
claudio_matsuoka/extended_module_player 2.3.1
claudio_matsuoka/extended_module_player 2.3.2
claudio_matsuoka/extended_module_player 2.4.0
claudio_matsuoka/extended_module_player 2.4.1
claudio_matsuoka/extended_module_player 2.5.0
claudio_matsuoka/extended_module_player < 2.5.1
Published Sep 13, 2009
Tracked Since Feb 18, 2026