FrSIRT - OpenMPT "ReadITProject()" and "ReadSample()" Functions Buffer Overflow Vulnerabilities / Exploit (Security Advisories)

French Security Incident Response Team

French

English

OpenMPT "ReadITProject()" and "ReadSample()" Functions Buffer Overflow Vulnerabilities

Title : OpenMPT "ReadITProject()" and "ReadSample()" Functions Buffer Overflow Vulnerabilities
Advisory ID : FrSIRT/ADV-2006-3231
CVE ID : CVE-2006-4192
Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-08-09

Advisory Details

Description

Affected Products

Solution

References

Technical Description

Two vulnerabilities have been identified in OpenMPT, which could be exploited by attackers to take complete control of an affected system. These flaws are due to buffer overflow errors in the "CSoundFile::ReadITProject()" and "CSoundFile::ReadSample()" functions when processing malformed files, which could be exploited by attackers to execute arbitrary commands via a malicious ITP file or a specially crafted module.

Credits

Vulnerabilities reported by Luigi Auriemma

ChangeLog

2006-08-09 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	IBM AIX Sendmail Header Lines Denial of Service Vulnerability
	IBM Metrica Multiple Parameter Cross Site Scripting Vulnerabilities
	IBM Lotus Quickr Unspecified Cross Site Scripting Vulnerabilities
	IBM Hardware Management Console Denial of Service Vulnerability
	IBM Tivoli Storage Manager Client Buffer Overflow Vulnerability
	IBM DB2 Denial of Service and Information Disclosure Vulnerabilities
	IBM Lotus Quickr Denial of Service and Security Bypass Vulnerabilities

	Apple Safari Code Execution and Security Bypass Vulnerabilities
	Apple iLife and Aperture Image Handling Code Execution Vulnerabilities
	Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
	Apple TV Multiple File Processing Code Execution Vulnerabilities
	Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
	Apple iPhone Code Execution and Security Bypass Vulnerabilities
	Apple QuickTime Multiple Remote Code Execution Vulnerabilities

	Cisco IOS/CatOS VLAN Trunking Protocol DoS Vulnerability
	Cisco PIX and ASA Security Bypass and Denial of Service
	Cisco Unity Security Bypass and Denial of Service
	Cisco UCM SIP Remote Denial of Service
	Cisco IOS Denial of Service and Security Bypass Vulnerabilities
	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability