CVE-2011-2915
EPSS 8.7%
Description
Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments.
How to fix CVE-2011-2915
To remediate CVE-2011-2915, upgrade the affected package to a fixed version below.
- Debian/libmodplug—upgrade to 1:0.8.8.4-1 or later
Is CVE-2011-2915 being exploited?
Moderate — EPSS is 8.7%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1:0.8.8.4-1