PT-2013-1090 · Modplug+2 · Libmodplug+2

Published: 2013-09-13 · Updated: 2018-05-28 · CVE-2013-4234

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

libmodplug versions 0.8.8.4 and earlier

Description

The issue is related to multiple heap-based buffer overflows in the abc_MIDI_drum and abc_MIDI_gchord functions in load_abc.cpp. This can allow remote attackers to cause a denial of service, resulting in memory corruption and crash, and possibly execute arbitrary code via a crafted ABC file. The vulnerability can be exploited remotely, potentially leading to disruptions in confidentiality, integrity, and availability of protected information.

Recommendations

For libmodplug versions 0.8.8.4 and earlier, consider updating to a version later than 0.8.8.4 to resolve the issue. As a temporary workaround, consider restricting access to the abc_MIDI_drum and abc_MIDI_gchord functions in load_abc.cpp to minimize the risk of exploitation.

Exploit

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

ALT-PU-2014-2128
BDU:2015-03019
BDU:2015-09742
CVE-2013-4234
DSA-2751-1
MGASA-2013-0271
OPENSUSE-SU-2024:10514-1
SUSE-SU-2018:1441-1

Affected Products

Alt Linux
Suse
Libmodplug