{"id":"CVE-2007-6731","details":"Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) test_oxm and (2) decrunch_oxm functions in misc/oxm.c, leading to a buffer overflow.","modified":"2026-04-10T03:39:31.399971Z","published":"2009-09-13T22:30:00Z","references":[{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2008/0009"},{"type":"EVIDENCE","url":"http://aluigi.altervista.org/adv/xmpbof-adv.txt"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/27047"}],"schema_version":"1.7.5"}