Published: 11/04/2018 Updated: 15/10/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

soundlib/Snd_fx.cpp in OpenMPT prior to 1.27.07.00 and libopenmpt prior to 0.3.8 allows remote malicious users to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openmpt libopenmpt
openmpt openmpt

Debian Bug report logs - #895406 libopenmpt: CVE-2018-10017 Package: src:libopenmpt; Maintainer for src:libopenmpt is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: James Cowgill <jcowgill@debianorg> Date: Wed, 11 Apr 2018 08:57:02 UTC Severity: grave Tags: fixed-upstream, security, ...

CWE-125 https://openmpt.org/openmpt-1-27-07-00-released https://lib.openmpt.org/libopenmpt/2018/04/08/security-updates-0.3.8-0.2-beta31-0.2.7561-beta20.5-p8-0.2.7386-beta20.3-p11/https://github.com/OpenMPT/openmpt/commit/7ebf02af2e90f03e0dbd0e18b8b3164f372fb97c https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895406 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-10017

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect