Buffer overflow in the parse_emelody function in parse_emelody.c for ringtonetools 2.22 allows remote attackers to execute arbitrary code via a crafted eMelody file.