Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
11 vulnerabilities by openmpt
CVE-2019-17113 (GCVE-0-2019-17113)
Vulnerability from cvelistv5 – Published: 2019-10-03 23:57 – Updated: 2024-08-05 01:33
VLAI?
Summary
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:16.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenMPT/openmpt/commit/927688ddab43c2b203569de79407a899e734fabe"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://source.openmpt.org/browse/openmpt/trunk/OpenMPT/?op=revision\u0026rev=12127\u0026peg=12127"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.4.8...libopenmpt-0.4.9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.3.18...libopenmpt-0.3.19"
},
{
"name": "openSUSE-SU-2019:2306",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00035.html"
},
{
"name": "openSUSE-SU-2019:2319",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00044.html"
},
{
"name": "DSA-4729",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4729"
},
{
"name": "[debian-lts-announce] 20200801 [SECURITY] [DLA 2308-1] libopenmpt security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-02T00:06:16.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenMPT/openmpt/commit/927688ddab43c2b203569de79407a899e734fabe"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://source.openmpt.org/browse/openmpt/trunk/OpenMPT/?op=revision\u0026rev=12127\u0026peg=12127"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.4.8...libopenmpt-0.4.9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.3.18...libopenmpt-0.3.19"
},
{
"name": "openSUSE-SU-2019:2306",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00035.html"
},
{
"name": "openSUSE-SU-2019:2319",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00044.html"
},
{
"name": "DSA-4729",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4729"
},
{
"name": "[debian-lts-announce] 20200801 [SECURITY] [DLA 2308-1] libopenmpt security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/OpenMPT/openmpt/commit/927688ddab43c2b203569de79407a899e734fabe",
"refsource": "MISC",
"url": "https://github.com/OpenMPT/openmpt/commit/927688ddab43c2b203569de79407a899e734fabe"
},
{
"name": "https://source.openmpt.org/browse/openmpt/trunk/OpenMPT/?op=revision\u0026rev=12127\u0026peg=12127",
"refsource": "MISC",
"url": "https://source.openmpt.org/browse/openmpt/trunk/OpenMPT/?op=revision\u0026rev=12127\u0026peg=12127"
},
{
"name": "https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.4.8...libopenmpt-0.4.9",
"refsource": "MISC",
"url": "https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.4.8...libopenmpt-0.4.9"
},
{
"name": "https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.3.18...libopenmpt-0.3.19",
"refsource": "MISC",
"url": "https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.3.18...libopenmpt-0.3.19"
},
{
"name": "openSUSE-SU-2019:2306",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00035.html"
},
{
"name": "openSUSE-SU-2019:2319",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00044.html"
},
{
"name": "DSA-4729",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4729"
},
{
"name": "[debian-lts-announce] 20200801 [SECURITY] [DLA 2308-1] libopenmpt security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17113",
"datePublished": "2019-10-03T23:57:36.000Z",
"dateReserved": "2019-10-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:16.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-14380 (GCVE-0-2019-14380)
Vulnerability from cvelistv5 – Published: 2019-07-30 18:35 – Updated: 2024-08-05 00:19
VLAI?
Summary
libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:19:39.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lib.openmpt.org/libopenmpt/2019/05/27/security-update-0.4.5/"
},
{
"name": "DSA-4729",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4729"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-20T11:06:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lib.openmpt.org/libopenmpt/2019/05/27/security-update-0.4.5/"
},
{
"name": "DSA-4729",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4729"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lib.openmpt.org/libopenmpt/2019/05/27/security-update-0.4.5/",
"refsource": "MISC",
"url": "https://lib.openmpt.org/libopenmpt/2019/05/27/security-update-0.4.5/"
},
{
"name": "DSA-4729",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4729"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-14380",
"datePublished": "2019-07-30T18:35:28.000Z",
"dateReserved": "2019-07-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:19:39.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-14382 (GCVE-0-2019-14382)
Vulnerability from cvelistv5 – Published: 2019-07-30 18:34 – Updated: 2024-08-05 00:19
VLAI?
Summary
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:19:40.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lib.openmpt.org/libopenmpt/2019/01/22/security-updates-0.4.2-0.3.15-0.2.11253-beta37-0.2.7561-beta20.5-p13-0.2.7386-beta20.3-p16/"
},
{
"name": "openSUSE-SU-2019:2212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-28T23:06:09.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lib.openmpt.org/libopenmpt/2019/01/22/security-updates-0.4.2-0.3.15-0.2.11253-beta37-0.2.7561-beta20.5-p13-0.2.7386-beta20.3-p16/"
},
{
"name": "openSUSE-SU-2019:2212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lib.openmpt.org/libopenmpt/2019/01/22/security-updates-0.4.2-0.3.15-0.2.11253-beta37-0.2.7561-beta20.5-p13-0.2.7386-beta20.3-p16/",
"refsource": "MISC",
"url": "https://lib.openmpt.org/libopenmpt/2019/01/22/security-updates-0.4.2-0.3.15-0.2.11253-beta37-0.2.7561-beta20.5-p13-0.2.7386-beta20.3-p16/"
},
{
"name": "openSUSE-SU-2019:2212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-14382",
"datePublished": "2019-07-30T18:34:51.000Z",
"dateReserved": "2019-07-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:19:40.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-14383 (GCVE-0-2019-14383)
Vulnerability from cvelistv5 – Published: 2019-07-30 18:33 – Updated: 2024-08-05 00:19
VLAI?
Summary
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:19:40.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lib.openmpt.org/libopenmpt/2019/01/22/security-updates-0.4.2-0.3.15-0.2.11253-beta37-0.2.7561-beta20.5-p13-0.2.7386-beta20.3-p16/"
},
{
"name": "openSUSE-SU-2019:2212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-28T23:06:10.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lib.openmpt.org/libopenmpt/2019/01/22/security-updates-0.4.2-0.3.15-0.2.11253-beta37-0.2.7561-beta20.5-p13-0.2.7386-beta20.3-p16/"
},
{
"name": "openSUSE-SU-2019:2212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lib.openmpt.org/libopenmpt/2019/01/22/security-updates-0.4.2-0.3.15-0.2.11253-beta37-0.2.7561-beta20.5-p13-0.2.7386-beta20.3-p16/",
"refsource": "MISC",
"url": "https://lib.openmpt.org/libopenmpt/2019/01/22/security-updates-0.4.2-0.3.15-0.2.11253-beta37-0.2.7561-beta20.5-p13-0.2.7386-beta20.3-p16/"
},
{
"name": "openSUSE-SU-2019:2212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-14383",
"datePublished": "2019-07-30T18:33:58.000Z",
"dateReserved": "2019-07-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:19:40.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20860 (GCVE-0-2018-20860)
Vulnerability from cvelistv5 – Published: 2019-07-30 18:33 – Updated: 2024-08-05 12:12
VLAI?
Summary
libopenmpt before 0.3.13 allows a crash with malformed MED files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:12:29.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lib.openmpt.org/libopenmpt/2018/10/21/security-updates-0.3.13-0.2.10933-beta36-0.2.7561-beta20.5-p11-0.2.7386-beta20.3-p14/"
},
{
"name": "openSUSE-SU-2019:2212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libopenmpt before 0.3.13 allows a crash with malformed MED files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-28T23:06:08.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lib.openmpt.org/libopenmpt/2018/10/21/security-updates-0.3.13-0.2.10933-beta36-0.2.7561-beta20.5-p11-0.2.7386-beta20.3-p14/"
},
{
"name": "openSUSE-SU-2019:2212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libopenmpt before 0.3.13 allows a crash with malformed MED files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lib.openmpt.org/libopenmpt/2018/10/21/security-updates-0.3.13-0.2.10933-beta36-0.2.7561-beta20.5-p11-0.2.7386-beta20.3-p14/",
"refsource": "MISC",
"url": "https://lib.openmpt.org/libopenmpt/2018/10/21/security-updates-0.3.13-0.2.10933-beta36-0.2.7561-beta20.5-p11-0.2.7386-beta20.3-p14/"
},
{
"name": "openSUSE-SU-2019:2212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20860",
"datePublished": "2019-07-30T18:33:03.000Z",
"dateReserved": "2019-07-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T12:12:29.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20861 (GCVE-0-2018-20861)
Vulnerability from cvelistv5 – Published: 2019-07-30 18:32 – Updated: 2024-08-05 12:12
VLAI?
Summary
libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:12:28.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lib.openmpt.org/libopenmpt/2018/07/28/security-updates-0.3.11-0.2.10635-beta34-0.2.7561-beta20.5-p10-0.2.7386-beta20.3-p13/"
},
{
"name": "openSUSE-SU-2019:2212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-28T23:06:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lib.openmpt.org/libopenmpt/2018/07/28/security-updates-0.3.11-0.2.10635-beta34-0.2.7561-beta20.5-p10-0.2.7386-beta20.3-p13/"
},
{
"name": "openSUSE-SU-2019:2212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20861",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lib.openmpt.org/libopenmpt/2018/07/28/security-updates-0.3.11-0.2.10635-beta34-0.2.7561-beta20.5-p10-0.2.7386-beta20.3-p13/",
"refsource": "MISC",
"url": "https://lib.openmpt.org/libopenmpt/2018/07/28/security-updates-0.3.11-0.2.10635-beta34-0.2.7561-beta20.5-p10-0.2.7386-beta20.3-p13/"
},
{
"name": "openSUSE-SU-2019:2212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00085.html"
},
{
"name": "openSUSE-SU-2019:2213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00084.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20861",
"datePublished": "2019-07-30T18:32:13.000Z",
"dateReserved": "2019-07-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T12:12:28.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-14381 (GCVE-0-2019-14381)
Vulnerability from cvelistv5 – Published: 2019-07-30 12:41 – Updated: 2024-08-05 00:19
VLAI?
Summary
libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:19:39.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lib.openmpt.org/libopenmpt/2019/02/11/security-update-0.4.3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T12:41:13.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lib.openmpt.org/libopenmpt/2019/02/11/security-update-0.4.3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14381",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lib.openmpt.org/libopenmpt/2019/02/11/security-update-0.4.3/",
"refsource": "CONFIRM",
"url": "https://lib.openmpt.org/libopenmpt/2019/02/11/security-update-0.4.3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-14381",
"datePublished": "2019-07-30T12:41:13.000Z",
"dateReserved": "2019-07-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:19:39.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11710 (GCVE-0-2018-11710)
Vulnerability from cvelistv5 – Published: 2018-06-04 13:00 – Updated: 2024-09-16 18:19
VLAI?
Summary
soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:17:09.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lib.openmpt.org/libopenmpt/2018/04/29/security-updates-0.3.9-0.2-beta32-0.2.7561-beta20.5-p9-0.2.7386-beta20.3-p12/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.openmpt.org/browse/openmpt/trunk/?op=revision\u0026rev=10149\u0026peg=10150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T13:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lib.openmpt.org/libopenmpt/2018/04/29/security-updates-0.3.9-0.2-beta32-0.2.7561-beta20.5-p9-0.2.7386-beta20.3-p12/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.openmpt.org/browse/openmpt/trunk/?op=revision\u0026rev=10149\u0026peg=10150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11710",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lib.openmpt.org/libopenmpt/2018/04/29/security-updates-0.3.9-0.2-beta32-0.2.7561-beta20.5-p9-0.2.7386-beta20.3-p12/",
"refsource": "CONFIRM",
"url": "https://lib.openmpt.org/libopenmpt/2018/04/29/security-updates-0.3.9-0.2-beta32-0.2.7561-beta20.5-p9-0.2.7386-beta20.3-p12/"
},
{
"name": "https://source.openmpt.org/browse/openmpt/trunk/?op=revision\u0026rev=10149\u0026peg=10150",
"refsource": "CONFIRM",
"url": "https://source.openmpt.org/browse/openmpt/trunk/?op=revision\u0026rev=10149\u0026peg=10150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11710",
"datePublished": "2018-06-04T13:00:00.000Z",
"dateReserved": "2018-06-04T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:19:31.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10017 (GCVE-0-2018-10017)
Vulnerability from cvelistv5 – Published: 2018-04-11 05:00 – Updated: 2024-08-05 07:32
VLAI?
Summary
soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Date Public ?
2018-04-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:32:01.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://openmpt.org/openmpt-1-27-07-00-released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lib.openmpt.org/libopenmpt/2018/04/08/security-updates-0.3.8-0.2-beta31-0.2.7561-beta20.5-p8-0.2.7386-beta20.3-p11/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OpenMPT/openmpt/commit/7ebf02af2e90f03e0dbd0e18b8b3164f372fb97c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-07T17:43:05.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://openmpt.org/openmpt-1-27-07-00-released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lib.openmpt.org/libopenmpt/2018/04/08/security-updates-0.3.8-0.2-beta31-0.2.7561-beta20.5-p8-0.2.7386-beta20.3-p11/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenMPT/openmpt/commit/7ebf02af2e90f03e0dbd0e18b8b3164f372fb97c"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://openmpt.org/openmpt-1-27-07-00-released",
"refsource": "CONFIRM",
"url": "https://openmpt.org/openmpt-1-27-07-00-released"
},
{
"name": "https://lib.openmpt.org/libopenmpt/2018/04/08/security-updates-0.3.8-0.2-beta31-0.2.7561-beta20.5-p8-0.2.7386-beta20.3-p11/",
"refsource": "CONFIRM",
"url": "https://lib.openmpt.org/libopenmpt/2018/04/08/security-updates-0.3.8-0.2-beta31-0.2.7561-beta20.5-p8-0.2.7386-beta20.3-p11/"
},
{
"name": "https://github.com/OpenMPT/openmpt/commit/7ebf02af2e90f03e0dbd0e18b8b3164f372fb97c",
"refsource": "CONFIRM",
"url": "https://github.com/OpenMPT/openmpt/commit/7ebf02af2e90f03e0dbd0e18b8b3164f372fb97c"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10017",
"datePublished": "2018-04-11T05:00:00.000Z",
"dateReserved": "2018-04-11T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:32:01.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6611 (GCVE-0-2018-6611)
Vulnerability from cvelistv5 – Published: 2018-02-04 12:00 – Updated: 2024-08-05 06:10
VLAI?
Summary
soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Date Public ?
2018-02-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:10.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lib.openmpt.org/libopenmpt/2018/02/03/security-update-0.3.6/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OpenMPT/openmpt/commit/b60b322cf9f0ffa624018f1bb9783edf0dc908c3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-08T17:47:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lib.openmpt.org/libopenmpt/2018/02/03/security-update-0.3.6/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenMPT/openmpt/commit/b60b322cf9f0ffa624018f1bb9783edf0dc908c3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lib.openmpt.org/libopenmpt/2018/02/03/security-update-0.3.6/",
"refsource": "CONFIRM",
"url": "https://lib.openmpt.org/libopenmpt/2018/02/03/security-update-0.3.6/"
},
{
"name": "https://github.com/OpenMPT/openmpt/commit/b60b322cf9f0ffa624018f1bb9783edf0dc908c3",
"refsource": "CONFIRM",
"url": "https://github.com/OpenMPT/openmpt/commit/b60b322cf9f0ffa624018f1bb9783edf0dc908c3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-6611",
"datePublished": "2018-02-04T12:00:00.000Z",
"dateReserved": "2018-02-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:10:10.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11311 (GCVE-0-2017-11311)
Vulnerability from cvelistv5 – Published: 2017-07-13 20:00 – Updated: 2024-08-05 18:05
VLAI?
Summary
soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2017-07-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.openmpt.org/browse/openmpt/trunk/?rev=6800"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.openmpt.org/browse/openmpt/branches/OpenMPT-1.26/?op=revision\u0026rev=8438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/867579"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lib.openmpt.org/libopenmpt/md_announce-2017-07-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-13T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.openmpt.org/browse/openmpt/trunk/?rev=6800"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.openmpt.org/browse/openmpt/branches/OpenMPT-1.26/?op=revision\u0026rev=8438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/867579"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lib.openmpt.org/libopenmpt/md_announce-2017-07-07.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.openmpt.org/browse/openmpt/trunk/?rev=6800",
"refsource": "CONFIRM",
"url": "https://source.openmpt.org/browse/openmpt/trunk/?rev=6800"
},
{
"name": "https://source.openmpt.org/browse/openmpt/branches/OpenMPT-1.26/?op=revision\u0026rev=8438",
"refsource": "CONFIRM",
"url": "https://source.openmpt.org/browse/openmpt/branches/OpenMPT-1.26/?op=revision\u0026rev=8438"
},
{
"name": "https://bugs.debian.org/867579",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/867579"
},
{
"name": "https://lib.openmpt.org/libopenmpt/md_announce-2017-07-07.html",
"refsource": "CONFIRM",
"url": "https://lib.openmpt.org/libopenmpt/md_announce-2017-07-07.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11311",
"datePublished": "2017-07-13T20:00:00.000Z",
"dateReserved": "2017-07-13T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:05:30.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}