CVE-2011-10021 HIGH

CVE-2011-10021: Magix Musik Maker <= v16 .mmm Stack-Based Buffer Overflow

Vendor Magix Software Gmbh
Product Magix Musik Maker
Weakness CWE-121
Published August 20, 2025
Last update May 15, 2026

CVSS base score

8.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy() operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler (SEH). By crafting a malicious .mmm file, an attacker can trigger the overflow when the file is opened, potentially leading to arbitrary code execution. This vulnerability was remediated in version 17.

Key dates

02Disclosure timeline

August 20, 2025 CVE published
May 15, 2026 Record updated