CVE-2007-6731

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2007-6731

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2007-6731.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2007-6731

Downstream

DEBIAN-CVE-2007-6731

Published

2009-09-13T22:30:00Z

Modified

2026-04-10T03:39:31.399971Z

Summary

[none]

Details

Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) testoxm and (2) decrunchoxm functions in misc/oxm.c, leading to a buffer overflow.

References

http://www.vupen.com/english/advisories/2008/0009
http://aluigi.altervista.org/adv/xmpbof-adv.txt
http://www.securityfocus.com/bid/27047

CVE-2007-6731

Affected packages