Published: 02/08/2019 Updated: 03/03/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

An issue exists in Schism Tracker up to and including 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.

Vulnerable Product	Search on Vulmon	Subscribe to Product
schismtracker schism tracker
opensuse leap 15.0
opensuse leap 15.1
opensuse backports sle-15

Debian Bug report logs - #933808 schism: CVE-2019-14524 Package: src:schism; Maintainer for src:schism is Debian Multimedia Maintainers <pkg-multimedia-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 3 Aug 2019 19:21:02 UTC Severity: important Tags: security, up ...

CWE-787 https://github.com/schismtracker/schismtracker/issues/201 https://github.com/schismtracker/schismtracker/releases/tag/20190805 http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00083.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933808 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-14524

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect