CVE-2007-6720
Last modified
CVE-2007-6720 is a vulnerability of currently unknown severity. libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels.. EPSS estimates a 2.34% chance of exploitation in the next 30 days.
Description
libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Igno Saitz | Libmikmod | 3.1.9-1 |
| Igno Saitz | Libmikmod | 3.1.9-2 |
| Igno Saitz | Libmikmod | 3.1.9-3 |
| Igno Saitz | Libmikmod | 3.1.9-4 |
| Igno Saitz | Libmikmod | 3.1.9-5 |
| Igno Saitz | Libmikmod | 3.1.9-6 |
| Igno Saitz | Libmikmod | 3.1.10-1 |
| Igno Saitz | Libmikmod | 3.1.10-2 |
| Igno Saitz | Libmikmod | 3.1.10-3 |
| Igno Saitz | Libmikmod | 3.1.10-4 |
| Igno Saitz | Libmikmod | 3.1.10-5 |
| Igno Saitz | Libmikmod | 3.1.11-1 |
| Igno Saitz | Libmikmod | 3.1.11-2 |
| Igno Saitz | Libmikmod | 3.1.11-3 |
| Igno Saitz | Libmikmod | 3.1.11-4 |
| Igno Saitz | Libmikmod | 3.1.11-5 |
| Igno Saitz | Libmikmod | 3.1.11-6 |
| Igno Saitz | Libmikmod | 3.1.12 |
| Igno Saitz | Libmikmod | 3.2.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-6720?
How severe is CVE-2007-6720?
How do I fix CVE-2007-6720?
Are you affected by CVE-2007-6720?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST