CVE-2013-1980

Published Feb 11, 2014

Last updated 11 years ago

CVSS info 6.8

Overview

Description: Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file.
Source: secalert@redhat.com
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:extended_module_player_project:extended_module_player:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B5E348B-3FC7-4A0B-9767-6E5E6F6E60B4",
            "versionEndIncluding": "4.0.4"
          },
          {
            "criteria": "cpe:2.3:a:extended_module_player_project:extended_module_player:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5DA914B-DEE5-408C-9C8C-96528D857E9C"
          },
          {
            "criteria": "cpe:2.3:a:extended_module_player_project:extended_module_player:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F936A2B2-B313-4D09-AD6A-295668739971"
          },
          {
            "criteria": "cpe:2.3:a:extended_module_player_project:extended_module_player:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5C46939-E318-4B34-8E6B-64EE6080F1BE"
          },
          {
            "criteria": "cpe:2.3:a:extended_module_player_project:extended_module_player:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A10477D8-94E1-4211-952F-F41F2CA6D093"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References