CVE-2007-6731 - Vulnerability Details - OpenCVE

Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) test_oxm and (2) decrunch_oxm functions in misc/oxm.c, leading to a buffer overflow.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Claudio Matsuoka	Extended Module Player

Configuration 1 [-]

OR	cpe:2.3:a:claudio_matsuoka:extended_module_player::::::::
	cpe:2.3:a:claudio_matsuoka:extended_module_player:2.2.0:::::::*
	cpe:2.3:a:claudio_matsuoka:extended_module_player:2.2.1:::::::*
	cpe:2.3:a:claudio_matsuoka:extended_module_player:2.3.0:::::::*
	cpe:2.3:a:claudio_matsuoka:extended_module_player:2.3.1:::::::*
	cpe:2.3:a:claudio_matsuoka:extended_module_player:2.3.2:::::::*
	cpe:2.3:a:claudio_matsuoka:extended_module_player:2.4.0:::::::*
	cpe:2.3:a:claudio_matsuoka:extended_module_player:2.4.1:::::::*
	cpe:2.3:a:claudio_matsuoka:extended_module_player:2.5.0:::::::*

No data.

References

Link	Providers
http://aluigi.altervista.org/adv/xmpbof-adv.txt
http://www.securityfocus.com/bid/27047
http://www.vupen.com/english/advisories/2008/0009
https://www.cve.org/CVERecord?id=CVE-2007-6731

History

Wed, 28 May 2025 14:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cve.org/CVERecord?id=CVE-2007-6731

Thu, 22 May 2025 04:30:00 +0000

Type	Values Removed	Values Added
References	https://nvd.nist.gov/vuln/detail/CVE-2007-6731 https://www.cve.org/CVERecord?id=CVE-2007-6731

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-09-13T22:00:00Z

Updated: 2024-09-17T02:57:50.876Z

Reserved: 2009-09-13T00:00:00Z

Link: CVE-2007-6731

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2009-09-13T22:30:00.217

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-6731

Redhat

Severity : Moderate

Publid Date: 2007-12-27T00:00:00Z

Links: CVE-2007-6731 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) test_oxm and (2) decrunch_oxm functions in misc/oxm.c, leading to a buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-09-13T22:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2008-0009", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0009"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.altervista.org/adv/xmpbof-adv.txt"}, {"name": "27047", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27047"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6731", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) test_oxm and (2) decrunch_oxm functions in misc/oxm.c, leading to a buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2008-0009", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0009"}, {"name": "http://aluigi.altervista.org/adv/xmpbof-adv.txt", "refsource": "MISC", "url": "http://aluigi.altervista.org/adv/xmpbof-adv.txt"}, {"name": "27047", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27047"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:18:20.663Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2008-0009", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0009"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.altervista.org/adv/xmpbof-adv.txt"}, {"name": "27047", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/27047"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6731", "datePublished": "2009-09-13T22:00:00Z", "dateReserved": "2009-09-13T00:00:00Z", "dateUpdated": "2024-09-17T02:57:50.876Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:claudio_matsuoka:extended_module_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "75D57072-FB7D-492A-9598-CACE7ECBBF8A", "versionEndIncluding": "2.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:claudio_matsuoka:extended_module_player:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A329FEF0-CCA9-463C-B1A8-742342193815", "vulnerable": true}, {"criteria": "cpe:2.3:a:claudio_matsuoka:extended_module_player:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EB814723-8284-4D7B-AC1F-2BEBE3BBC47E", "vulnerable": true}, {"criteria": "cpe:2.3:a:claudio_matsuoka:extended_module_player:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D8AE9AF-2AFA-4CC1-A434-4AE238A5207B", "vulnerable": true}, {"criteria": "cpe:2.3:a:claudio_matsuoka:extended_module_player:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "13BE4EDE-5BE6-4C1F-9402-C9CDB5B5DB18", "vulnerable": true}, {"criteria": "cpe:2.3:a:claudio_matsuoka:extended_module_player:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0E8751F9-9012-45BC-8EEE-B1FD71A070F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:claudio_matsuoka:extended_module_player:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "A5793923-D9A1-4A31-A5AD-C73CB8DB7F7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:claudio_matsuoka:extended_module_player:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "767BA633-F914-482F-A517-9ABC19F26529", "vulnerable": true}, {"criteria": "cpe:2.3:a:claudio_matsuoka:extended_module_player:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "A10E8E57-C623-4F06-99D0-2802A5016EC0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) test_oxm and (2) decrunch_oxm functions in misc/oxm.c, leading to a buffer overflow."}, {"lang": "es", "value": "Extended Module Player (XMP) v2.5.1 y anteriores, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero OXM con un valor negativo, esto evita una comprobaci\u00f3n en las funciones (1) test_oxm y (2) decrunch_oxm de misc/oxm.c, lo que provoca un desbordamiento del b\u00fafer."}], "id": "CVE-2007-6731", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-09-13T22:30:00.217", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://aluigi.altervista.org/adv/xmpbof-adv.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/27047"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0009"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://aluigi.altervista.org/adv/xmpbof-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/27047"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0009"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}