adplug is vulnerable to arbitrary code execution. Multiple heap-based buffer overflow in Ca2mLoader::load()
in a2m.cpp
allows an attacker to execute arbitrary code on the host OS.
github.com/adplug/adplug/commit/30ddcfe9bd1cce3e02f8135961bceb411419dbdb
github.com/adplug/adplug/issues/88
lists.fedoraproject.org/archives/list/[email protected]/message/Q32A64R2APAC5PXIMSYIEFDQX5AD4GAS/
lists.fedoraproject.org/archives/list/[email protected]/message/U3PW6PLDTPSQQRHKTU2FB72SUB4Q66NE/