DEBIAN-CVE-2006-3668

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2006-3668

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2006-3668.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2006-3668

Upstream

CVE-2006-3668

Published

2006-07-18T15:47:00Z

Modified

2025-09-24T23:57:29.372135Z

Summary

[none]

Details

Heap-based buffer overflow in the itreadenvelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" (Impulse Tracker) file with an envelope with a large number of nodes.

References

https://security-tracker.debian.org/tracker/CVE-2006-3668

Affected packages

Debian:11 / libdumb

Package

Name: libdumb
Purl: pkg:deb/debian/libdumb?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:0.9.3-5

Ecosystem specific

{
    "urgency": "medium"
}

Debian:12 / libdumb

Package

Name: libdumb
Purl: pkg:deb/debian/libdumb?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:0.9.3-5

Ecosystem specific

{
    "urgency": "medium"
}

Debian:13 / libdumb

Package

Name: libdumb
Purl: pkg:deb/debian/libdumb?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:0.9.3-5

Ecosystem specific

{
    "urgency": "medium"
}

Debian:14 / libdumb

Package

Name: libdumb
Purl: pkg:deb/debian/libdumb?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:0.9.3-5

Ecosystem specific

{
    "urgency": "medium"
}