Vulnerabilities (CVE)

Filtered by vendor Claudio Matsuoka Subscribe
Filtered by product Extended Module Player
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-6732 1 Claudio Matsuoka 1 Extended Module Player 2024-11-21 10.0 HIGH N/A
Multiple buffer overflows in the dtt_load function in loaders/dtt_load.c Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors related to an untrusted length value and the (1) pofs and (2) plen arrays.
CVE-2007-6731 1 Claudio Matsuoka 1 Extended Module Player 2024-11-21 10.0 HIGH N/A
Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) test_oxm and (2) decrunch_oxm functions in misc/oxm.c, leading to a buffer overflow.