51 matches found
UBUNTU-CVE-2017-11549
The playmidi function in playmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service large loop and CPU consumption via a crafted mid file. NOTE: CPU consumption might be relevant when using the --background option...
CVE-2017-11546
The insertnotesteps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted mid file. NOTE: a crash might be relevant when using the --background option...
CVE-2017-11546
The insertnotesteps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted mid file. NOTE: a crash might be relevant when using the --background option...
CVE-2017-11547
The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a...
CVE-2017-11549
The playmidi function in playmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service large loop and CPU consumption via a crafted mid file. NOTE: CPU consumption might be relevant when using the --background option...
CVE-2017-11546
CVE-2017-11546 affects TiMidity++ 2.14.0. The vulnerability is in the insert_note_steps function (readmidi.c) and Allows a crafted MIDI file to trigger a divide-by-zero and crash the application (potentially relevant when running with --background). Connected advisories confirm a security patch; ...
CVE-2017-11547
CVE-2017-11547 affects TiMidity++ 2.14.0, where the resample_gauss function in resample.c can cause a heap-based buffer over-read via a crafted MIDI file, leading to denial of service (potential crash). The initial description notes a possible crash with --background; exploitation details/patch s...
CVE-2017-11547
The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a...
CVE-2017-11549
The playmidi function in playmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service large loop and CPU consumption via a crafted mid file. NOTE: CPU consumption might be relevant when using the --background option...
CVE-2017-11549
The CVE-2017-11549 entry concerns TiMidity++ 2.14.0, where the play_midi function in playmidi.c is vulnerable. A crafted MIDI file can trigger a remote denial of service, causing a large loop and high CPU usage; CPU consumption may be particularly relevant when running with --background. The conn...
TiMidity++ -- Multiple vulnerabilities
qflb.wu of DBAPPSecurity reports: Ihe insertnotesteps function in readmidi.c in TiMidity++ 2.14.0 can cause a denial of servicedivide-by-zero error and application crash via a crafted mid file. The resamplegauss function in resample.c in TiMidity++ 2.14.0 can cause a denial of...