libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-01-20T16:00:00
Updated: 2024-08-07T16:18:20.615Z
Reserved: 2009-01-20T00:00:00
Link: CVE-2007-6720
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-01-20T16:30:00.203
Modified: 2016-10-04T01:59:01.563
Link: CVE-2007-6720
Redhat