Published: 17/08/2017 Updated: 10/11/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The _WM_SetupMidiEvent function in internal_midi.c:2122 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mindwerks wildmidi 0.4.2

Debian Bug report logs - #871616 CVE-2017-11661 CVE-2017-11662 CVE-2017-11663 CVE-2017-11664 Package: src:wildmidi; Maintainer for src:wildmidi is Bret Curtis <psi29a@gmailcom>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Wed, 9 Aug 2017 23:12:02 UTC Severity: important Tags: fixed-upstream, security, up ...

wildmidi multiple vulnerabilities ================ Author : qflbwu =============== Introduction: ============= WildMIDI is a simple software midi player which has a core softsynth library that can be use with other applicationsThe WildMIDI library uses Gravis Ultrasound patch files to convert MIDI files into audio which is then passed back to t ...

CWE-125 http://seclists.org/fulldisclosure/2017/Aug/12 https://www.exploit-db.com/exploits/42433/https://github.com/Mindwerks/wildmidi/commit/ad6d7cf88d6673167ca1f517248af9409a9f1be1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871616 https://nvd.nist.gov https://www.exploit-db.com/exploits/42433/

CVE-2017-11664

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect