CVE-2011-1574

Name of the Vulnerable Software and Affected Versions libmodplug versions prior to 0.8.8.4

Description The issue concerns multiple vulnerabilities in the libmodplug package that can be exploited remotely, potentially leading to breaches in confidentiality, integrity, and availability of protected information. Specifically, a stack-based buffer overflow in the ReadS3M method in load s3m.cpp allows remote attackers to execute arbitrary code via a crafted S3M file.

Recommendations For libmodplug versions prior to 0.8.8.4, update to version 0.8.8.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the ReadS3M method in load s3m.cpp to minimize the risk of exploitation. Avoid using crafted S3M files until the issue is resolved.