MidnightBSD

Advisories for game-music-emu_project

CVE-2016-9957 MEDIUM

Stack-based buffer overflow in game-music-emu before 0.6.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse_project leap 42.1
suse suse_linux_enterprise_server 12
game-music-emu_project game-music-emu *
opensuse leap 42.2
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 12
suse linux_enterprise 12.0
opensuse opensuse 12.1
CVE-2016-9958 MEDIUM

game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse_project leap 42.1
suse suse_linux_enterprise_server 12
game-music-emu_project game-music-emu *
opensuse leap 42.2
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 12
suse linux_enterprise 12.0
opensuse opensuse 12.1
CVE-2016-9959 MEDIUM

game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-787,

Products Affected

Vendor Product Version
opensuse_project leap 42.1
suse suse_linux_enterprise_server 12
game-music-emu_project game-music-emu *
opensuse leap 42.2
suse linux_enterprise_workstation_extension 12
suse linux_enterprise_software_development_kit 12
suse linux_enterprise_desktop 12
suse linux_enterprise 12.0
opensuse opensuse 12.1
CVE-2016-9960 LOW

game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).

CVSS 2.0

Severity: LOW

Problem Type: CWE-369,

Products Affected

Vendor Product Version
opensuse_project leap 42.1
fedoraproject fedora 25
game-music-emu_project game-music-emu *
opensuse leap 42.2
fedoraproject fedora 24
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_desktop 12.0
CVE-2016-9961 HIGH

game-music-emu before 0.6.1 mishandles unspecified integer values.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
opensuse_project leap 42.1
fedoraproject fedora 25
game-music-emu_project game-music-emu *
opensuse leap 42.2
fedoraproject fedora 24
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_desktop 12.0
CVE-2017-17446 MEDIUM

The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-681,

Products Affected

Vendor Product Version
game-music-emu_project game-music-emu 0.6.1