CVE-2017-12952

Опубликовано: 28 авг. 2017

Источник: debian

Описание

The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libgig	fixed	4.0.0-4		package
libgig	no-dsa		stretch	package
libgig	no-dsa		jessie	package
libgig	no-dsa		wheezy	package

Примечания

http://seclists.org/fulldisclosure/2017/Aug/39 (provides repoducer files)
http://svn.linuxsampler.org/cgi-bin/viewvc.cgi?view=revision&revision=3348

Связанные уязвимости

CVE-2017-12952

CVSS3: 6.5

ubuntu

больше 8 лет назад

The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.

CVE-2017-12952

CVSS3: 6.5

nvd

больше 8 лет назад

The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.

GHSA-2h8h-h9vg-9cr4

CVSS3: 6.5

github

больше 3 лет назад

The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.