CVE-2007-6731

Description

Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) test_oxm and (2) decrunch_oxm functions in misc/oxm.c, leading to a buffer overflow.

Affected packages (1)

• Debian/xmpfrom 0, < 2.6.1-1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-6731