An integer overflow within the "abcsetparts()" function (src/load_abc.cpp) can be exploited to corrupt heap memory via a specially crafted ABC file (CVE-2013-4233).
An error within the "abcMIDIdrum()" and "abcMIDIgchord()" functions (src/load_abc.cpp) can be exploited to cause a buffer overflow via a specially crafted ABC file (CVE-2013-4234).