CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-17446

The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

https://bitbucket.org/mpyne/game-music-emu/issues/14/addresssanitizer-negative-size-param-size
https://bugs.debian.org/883691
https://bitbucket.org/mpyne/game-music-emu/issues/14/addresssanitizer-negative-size-param-size
https://bugs.debian.org/883691

Products affected by CVE-2017-17446

Game-Music-Emu Project » Game-Music-Emu » Version: 0.6.1

cpe:2.3:a:game-music-emu_project:game-music-emu:0.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17446

Products

Pricing

Contact Us