*** This bug is a security vulnerability *** Public security bug reported:
Descption of USN-771-1 ( http://www.ubuntu.com/usn/USN-771-1 ) is something wrong, > Manfred Tremmel and Stanislav Brabec discovered that libmodplug did not > correctly > handle long instrument names when parsing PAT sample files. If a user or > automated > system were tricked into opening a crafted PAT file, an attacker could cause > a denial > of service or execute arbitrary code with privileges of the user invoking the > program. > This issue only affected Ubuntu 9.04. (CVE-2009-1438) This is not CVE-2009-1438, "CVE-2009-1513" is valid. (This is trivial, sorry for your tinkers...) ** Affects: ubuntu Importance: Undecided Status: New ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-1513 -- USN-771-1's description mistake https://bugs.launchpad.net/bugs/376035 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
