CVE-2011-1761

Name of the Vulnerable Software and Affected Versions libmodplug versions prior to 0.8.8.3

Description The issue is related to multiple stack-based buffer overflows in the abc new macro and abc new umacro functions, which can be triggered by a crafted ABC file. This can cause a denial of service (crash) and potentially allow the execution of arbitrary code.

Recommendations For versions prior to 0.8.8.3, update to version 0.8.8.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the abc new macro and abc new umacro functions in src/load abc.cpp until a patch is available. Avoid using these functions with untrusted ABC files to minimize the risk of exploitation.