VIR Vulnerability Intelligence Relay

CVE-2013-4234

medium
Published 2013-09-16 · Modified 2026-04-29
CVSS v3
VIR risk
6.8

Description

Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed1:0.8.8.4-4
debian debianbullseyefixed1:0.8.8.4-4
debian debianforkyfixed1:0.8.8.4-4
debian debiansidfixed1:0.8.8.4-4
debian debiantrixiefixed1:0.8.8.4-4
debian debian6.0affected
debian debian7.0affected

Application impact
VendorProductVersionsFixed
konstanty_bialkowskilibmodplug{"endIncluding":"0.8.8.4"}
konstanty_bialkowskilibmodplug0.8
konstanty_bialkowskilibmodplug0.8.4
konstanty_bialkowskilibmodplug0.8.5
konstanty_bialkowskilibmodplug0.8.6
konstanty_bialkowskilibmodplug0.8.7
konstanty_bialkowskilibmodplug0.8.8
konstanty_bialkowskilibmodplug0.8.8.1
konstanty_bialkowskilibmodplug0.8.8.2
konstanty_bialkowskilibmodplug0.8.8.3

References

CWEs

CWE-119

💬 Discuss CVE-2013-4234 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.