DUMB: Heap buffer overflow — GLSA 200608-14

A heap-based buffer overflow in DUMB could result in the execution of arbitrary code.

Affected Packages

media-libs/dumb on all architectures
Affected versions < 0.9.3-r1
Unaffected versions >= 0.9.3-r1

Background

DUMB (Dynamic Universal Music Bibliotheque) is an IT, XM, S3M and MOD player library.

Description

Luigi Auriemma found a heap-based buffer overflow in the it_read_envelope function which reads the envelope values for volume, pan and pitch of the instruments referenced in a ".it" (Impulse Tracker) file with a large number of nodes.

Impact

By enticing a user to load a malicious ".it" (Impulse Tracker) file, an attacker may execute arbitrary code with the rights of the user running the application that uses a vulnerable DUMB library.

Workaround

There is no known workaround at this time.

Resolution

All users of DUMB should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-libs/dumb-0.9.3-r1"

References

Release Date
August 08, 2006

Latest Revision
August 08, 2006: 01

Severity
normal

Exploitable
remote

Bugzilla entries