CVE-2007-6720

Publication date 20 January 2009

Last updated 24 July 2024


Ubuntu priority

libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels.

Status

Package Ubuntu Release Status
libmikmod 10.04 LTS lucid
Not affected
9.10 karmic
Fixed 3.1.11-6ubuntu4.1
9.04 jaunty
Fixed 3.1.11-6ubuntu3.9.04.1
8.10 intrepid Ignored end of life, was needed
8.04 LTS hardy
Fixed 3.1.11-6ubuntu3.8.04.1
7.10 gutsy Ignored end of life, was needed
6.06 LTS dapper Ignored end of life

References

Related Ubuntu Security Notices (USN)

    • USN-995-1
    • libMikMod vulnerabilities
    • 29 September 2010

Other references