A local overflow exists in AdPlug. The 'dtm.cpp' library fails to sanitize user controlled fields in a DTM file resulting in a buffer overflow. With a specially crafted DTM file, an attacker can compromise applications using the library resulting in a loss of integrity.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.
The AdPlug library is affected by multiple remote buffer-overflow vulnerabilities. These issues are due to the library's failure to properly bounds-check user-supplied input before copying it into insufficiently sized memory buffers.
These issues allow remote attackers to execute arbitrary machine code in the context of the user running applications that use the affected library to open attacker-supplied malicious files.
The AdPlug library version 2.0 is vulnerable to these issues; previous versions may also be affected.
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: firstname.lastname@example.org
The following proof-of-concept code may be used to demonstrate several of these issues by crashing the affected library: