Описание
Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that occurs when reading misconfigured midi files. If attacker can additional information, attacker can execute arbitrary code.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| musescore | removed | package | ||
| musescore | not-affected | buster | package | |
| musescore2 | not-affected | package | ||
| musescore3 | fixed | 3.2.3+dfsg2-18 | package |
Примечания
https://github.com/musescore/MuseScore/issues/16346
Vulnerability triggered only on Windows codepath
EPSS
Связанные уязвимости
Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that occurs when reading misconfigured midi files. If attacker can additional information, attacker can execute arbitrary code.
Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that occurs when reading misconfigured midi files. If attacker can additional information, attacker can execute arbitrary code.
Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that occurs when reading misconfigured midi files. If attacker can additional information, attacker can execute arbitrary code.
EPSS