Published: 17/08/2017 Updated: 21/08/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mindwerks wildmidi 0.4.2

Debian Bug report logs - #886503 wildmidi: CVE-2017-1000418 Package: src:wildmidi; Maintainer for src:wildmidi is Bret Curtis <psi29a@gmailcom>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 6 Jan 2018 22:36:01 UTC Severity: important Tags: patch, security, upstream Found in version wildmidi/04 ...

Debian Bug report logs - #871616 CVE-2017-11661 CVE-2017-11662 CVE-2017-11663 CVE-2017-11664 Package: src:wildmidi; Maintainer for src:wildmidi is Bret Curtis <psi29a@gmailcom>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Wed, 9 Aug 2017 23:12:02 UTC Severity: important Tags: fixed-upstream, security, up ...

wildmidi multiple vulnerabilities ================ Author : qflbwu =============== Introduction: ============= WildMIDI is a simple software midi player which has a core softsynth library that can be use with other applicationsThe WildMIDI library uses Gravis Ultrasound patch files to convert MIDI files into audio which is then passed back to t ...

CWE-125 http://seclists.org/fulldisclosure/2017/Aug/12 https://www.exploit-db.com/exploits/42433/https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886503 https://www.exploit-db.com/exploits/42433/

CVE-2017-11662

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect