Stack-based buffer overflow in game-music-emu before 0.6.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse_project | leap | 42.1 |
| suse | suse_linux_enterprise_server | 12 |
| game-music-emu_project | game-music-emu | * |
| opensuse | leap | 42.2 |
| suse | linux_enterprise_workstation_extension | 12 |
| suse | linux_enterprise_software_development_kit | 12 |
| suse | linux_enterprise_desktop | 12 |
| suse | linux_enterprise | 12.0 |
| opensuse | opensuse | 12.1 |
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse_project | leap | 42.1 |
| suse | suse_linux_enterprise_server | 12 |
| game-music-emu_project | game-music-emu | * |
| opensuse | leap | 42.2 |
| suse | linux_enterprise_workstation_extension | 12 |
| suse | linux_enterprise_software_development_kit | 12 |
| suse | linux_enterprise_desktop | 12 |
| suse | linux_enterprise | 12.0 |
| opensuse | opensuse | 12.1 |
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse_project | leap | 42.1 |
| suse | suse_linux_enterprise_server | 12 |
| game-music-emu_project | game-music-emu | * |
| opensuse | leap | 42.2 |
| suse | linux_enterprise_workstation_extension | 12 |
| suse | linux_enterprise_software_development_kit | 12 |
| suse | linux_enterprise_desktop | 12 |
| suse | linux_enterprise | 12.0 |
| opensuse | opensuse | 12.1 |
game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).
CVSS 2.0
Severity: LOW
Problem Type: CWE-369,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse_project | leap | 42.1 |
| fedoraproject | fedora | 25 |
| game-music-emu_project | game-music-emu | * |
| opensuse | leap | 42.2 |
| fedoraproject | fedora | 24 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| novell | suse_linux_enterprise_server | 12.0 |
| novell | suse_linux_enterprise_desktop | 12.0 |
game-music-emu before 0.6.1 mishandles unspecified integer values.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse_project | leap | 42.1 |
| fedoraproject | fedora | 25 |
| game-music-emu_project | game-music-emu | * |
| opensuse | leap | 42.2 |
| fedoraproject | fedora | 24 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| novell | suse_linux_enterprise_server | 12.0 |
| novell | suse_linux_enterprise_desktop | 12.0 |
The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-681,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| game-music-emu_project | game-music-emu | 0.6.1 |