Lucene search
K

7 matches found

Mageia
Mageia
added 2018/02/28 1:55 p.m.35 views

Updated TiMidity++ packages fix security vulnerabilities

The insertnotesteps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted mid file. NOTE: a crash might be relevant when using the --background option CVE-2017-11546. The resamplegauss function in...

5.5CVSS4.7AI score0.01097EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/02/26 12:0 a.m.21 views

openSUSE Security Update : timidity (openSUSE-2018-208)

This update for timidity fixes the following issues : Security issues fixed : - CVE-2017-11546: Fix division-by-zero with malformed MIDI file boo1081694 - CVE-2017-11547: Fix out-of-bound accesses in the resamplers boo1081694 Other issues fixed : - Drop tcl/tk dependency; it's already broken with...

5.5CVSS5.5AI score0.01097EPSS
Exploits0References3
OSV
OSV
added 2017/07/31 1:29 p.m.6 views

CVE-2017-11547

The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a...

5.5CVSS5.4AI score
Exploits0References1
NVD
NVD
added 2017/07/31 1:29 p.m.18 views

CVE-2017-11547

The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a...

5.5CVSS5.3AI score0.01097EPSS
Exploits0References1
CVE
CVE
added 2017/07/31 1:0 p.m.66 views

CVE-2017-11547

CVE-2017-11547 affects TiMidity++ 2.14.0, where the resample_gauss function in resample.c can cause a heap-based buffer over-read via a crafted MIDI file, leading to denial of service (potential crash). The initial description notes a possible crash with --background; exploitation details/patch s...

5.5CVSS5.2AI score0.01097EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/07/31 1:0 p.m.28 views

CVE-2017-11547

The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a...

5.2AI score0.01097EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/07/31 1:0 p.m.25 views

CVE-2017-11547

The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a...

5.5CVSS5.3AI score0.01097EPSS
Exploits0
Rows per page
Query Builder