Описание
A buffer overflow in the GuitarPro1::read function of MuseScore Studio v4.3.2 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via opening a crafted GuitarPro file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| musescore3 | fixed | 3.2.3+dfsg2-18 | package | |
| musescore2 | fixed | 2.3.2+dfsg4-16 | package | |
| musescore | removed | package |
Примечания
https://github.com/moonadon9/CVE_2024
Fixed by: https://github.com/musescore/MuseScore/commit/0630461b734201db24139b0dc1657371fce41fb9 (v4.4.0)
Only supported with trusted files, see README.Debian shipped in package
EPSS
Связанные уязвимости
A buffer overflow in the GuitarPro1::read function of MuseScore Studio v4.3.2 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via opening a crafted GuitarPro file.
A buffer overflow in the GuitarPro1::read function of MuseScore Studio v4.3.2 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via opening a crafted GuitarPro file.
A buffer overflow in the GuitarPro1::read function of MuseScore Studio v4.3.2 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via opening a crafted GuitarPro file.
EPSS