Stack Buffer Overflow Vulnerabilities in abc2midi

vendor:

abc2midi

by:

Unknown

7.5

CVSS

HIGH

Stack Buffer Overflow

121

CWE

Product Name: abc2midi

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: NO

Related CWE: None mentioned

CPE: a:abc2midi

Metasploit:

Other Scripts:

Platforms Tested: None mentioned

Unknown

Stack Buffer Overflow Vulnerabilities in abc2midi

abc2midi is susceptible to two stack buffer overflow vulnerabilities. These issues occur when the application fails to properly bounds check user-supplied image data before copying it into fixed-size memory buffers. Remote attackers can exploit these vulnerabilities to alter the flow of execution and potentially execute attacker-supplied machine code in the context of the application attempting to read malicious ABC files.

Mitigation:

It is recommended to update abc2midi to the latest version or apply patches provided by the vendor. Avoid opening untrusted ABC files.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12019/info

It is reported that abc2midi is susceptible to two stack buffer overflow vulnerabilities. These issues are due to a failure of the application to properly bounds check user-supplied image data prior to copying it into fixed-size memory buffers.

These vulnerabilities allow remote attackers to alter the proper flow of execution of the application, potentially resulting in the execution of attacker-supplied machine code in the context of the application attempting to read malicious ABC files. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/25019-1.zip

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/25019-2.zip