CVE-2016-9961

Опубликовано: 06 июн. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

game-music-emu before 0.6.1 mishandles unspecified integer values.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/12/15/11
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/95305
Third Party Advisory
VDB Entry
https://bitbucket.org/mpyne/game-music-emu/wiki/Home
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1405423
Issue Tracking
Third Party Advisory
VDB Entry
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6/
https://scarybeastsecurity.blogspot.cz/2016/12/redux-compromising-linux-using-snes.html
Exploit
Technical Description
Third Party Advisory
https://security.gentoo.org/glsa/201707-02
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/12/15/11
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/95305
Third Party Advisory
VDB Entry
https://bitbucket.org/mpyne/game-music-emu/wiki/Home
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1405423
Issue Tracking
Third Party Advisory
VDB Entry
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:game-music-emu_project:game-music-emu:*:*:*:*:*:*:*:*

Версия до 0.6.0 (включая)

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*

cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*

cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*

cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp2:*:*:*:*:*:*

cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*

cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp2:*:*:*:*:*:*

cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp2:*:*:*:*:raspberry_pi:*

cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0:sp2:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02847

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-189

Связанные уязвимости

CVE-2016-9961

CVSS3: 9.8

ubuntu

больше 8 лет назад

game-music-emu before 0.6.1 mishandles unspecified integer values.

CVE-2016-9961

CVSS3: 9.8

debian

больше 8 лет назад

game-music-emu before 0.6.1 mishandles unspecified integer values.

GHSA-468v-hjgx-r39h

CVSS3: 9.8

github

больше 3 лет назад

game-music-emu before 0.6.1 mishandles unspecified integer values.

openSUSE-SU-2017:0022-1

suse-cvrf

около 9 лет назад

Security update for libgme

SUSE-SU-2016:3250-1

suse-cvrf

около 9 лет назад

Security update for libgme

EPSS

Процентиль: 86%

0.02847

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-189