CVE-2010-2546
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2010-2546
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2010-2546.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2010-2546
- Related
- Published
- 2010-08-05T13:22:29Z
- Modified
- 2025-04-11T00:51:21Z
- Downstream
- Summary
- [none]
- Details
-
Multiple heap-based buffer overflows in loaders/loadit.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and ITProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995.
- References
-
- http://secunia.com/advisories/40799
- http://secunia.com/advisories/48244
- http://security.gentoo.org/glsa/glsa-201203-10.xml
- http://www.debian.org/security/2010/dsa-2081
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:151
- http://www.vupen.com/english/advisories/2010/1957
- https://bugzilla.redhat.com/show_bug.cgi?id=614643
- http://sourceforge.net/tracker/?func=detail&aid=3033086&group_id=40531&atid=428227
- http://www.securityfocus.com/bid/41917
- https://security-tracker.debian.org/tracker/CVE-2010-2546
Affected packages
Debian:11 / libmikmod
Package
- Name
- libmikmod
- Purl
- pkg:deb/debian/libmikmod?arch=source
Debian:12 / libmikmod
Package
- Name
- libmikmod
- Purl
- pkg:deb/debian/libmikmod?arch=source
Debian:13 / libmikmod
Package
- Name
- libmikmod
- Purl
- pkg:deb/debian/libmikmod?arch=source