CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-6732

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0470%
EPSS Percentile12.17th
Published2009年9月13日
Last Modified2026年4月23日

Vulnerability Description

Multiple buffer overflows in the dtt_load function in loaders/dtt_load.c Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors related to an untrusted length value and the (1) pofs and (2) plen arrays.

Affected Platforms (CPE)

📦
Claudio Matsuoka

Extended Module Player

<= 2.5.1
📦
Claudio Matsuoka

Extended Module Player

= 2.2.0
📦
Claudio Matsuoka

Extended Module Player

= 2.2.1
📦
Claudio Matsuoka

Extended Module Player

= 2.3.0
📦
Claudio Matsuoka

Extended Module Player

= 2.3.1
📦
Claudio Matsuoka

Extended Module Player

= 2.3.2
📦
Claudio Matsuoka

Extended Module Player

= 2.4.0
📦
Claudio Matsuoka

Extended Module Player

= 2.4.1
📦
Claudio Matsuoka

Extended Module Player

= 2.5.0

References & Advisories

🔗 http://aluigi.altervista.org/adv/xmpbof-adv.txt
🔗 http://www.securityfocus.com/bid/27047
🔗 http://www.vupen.com/english/advisories/2008/0009
🔗 http://aluigi.altervista.org/adv/xmpbof-adv.txt
🔗 http://www.securityfocus.com/bid/27047
🔗 http://www.vupen.com/english/advisories/2008/0009

関連する脆弱性情報

CVE-2007-673110.0

Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative va...

CVE-2026-48777

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are ...

CVE-2026-477507.8

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and mo...

CVE-2026-477477.8

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and mo...