AdPlug is vulnerable to buffer overflow. Lack of validations in ‘CmtkLoader::load()’ in ‘mtk.cpp’ allows remote attackers to cause multiple heap-based buffer overflows.
bugzilla.redhat.com/show_bug.cgi?id=1778711
github.com/adplug/adplug/commit/8342139c09178823dba3f3bbd8b53d0ea0c72de9
github.com/adplug/adplug/issues/90
lists.fedoraproject.org/archives/list/[email protected]/message/Q32A64R2APAC5PXIMSYIEFDQX5AD4GAS/
lists.fedoraproject.org/archives/list/[email protected]/message/U3PW6PLDTPSQQRHKTU2FB72SUB4Q66NE/