CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-6732

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0470%
EPSS Percentile12.17th
Published2009年9月13日
Last Modified2026年4月23日

Vulnerability Description

Multiple buffer overflows in the dtt_load function in loaders/dtt_load.c Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors related to an untrusted length value and the (1) pofs and (2) plen arrays.

Affected Platforms (CPE)

📦
Claudio Matsuoka

Extended Module Player

<= 2.5.1
📦
Claudio Matsuoka

Extended Module Player

= 2.2.0
📦
Claudio Matsuoka

Extended Module Player

= 2.2.1
📦
Claudio Matsuoka

Extended Module Player

= 2.3.0
📦
Claudio Matsuoka

Extended Module Player

= 2.3.1
📦
Claudio Matsuoka

Extended Module Player

= 2.3.2
📦
Claudio Matsuoka

Extended Module Player

= 2.4.0
📦
Claudio Matsuoka

Extended Module Player

= 2.4.1
📦
Claudio Matsuoka

Extended Module Player

= 2.5.0

References & Advisories

🔗 http://aluigi.altervista.org/adv/xmpbof-adv.txt
🔗 http://www.securityfocus.com/bid/27047
🔗 http://www.vupen.com/english/advisories/2008/0009
🔗 http://aluigi.altervista.org/adv/xmpbof-adv.txt
🔗 http://www.securityfocus.com/bid/27047
🔗 http://www.vupen.com/english/advisories/2008/0009

相关漏洞威胁

CVE-2007-673110.0

Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative va...

CVE-2007-195910.0

Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vector...

CVE-2007-005710.0

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a sh...

CVE-2007-010010.0

The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows r...