OpenMPT libopenmpt 0.2.5705 Beta15

CPE Details

OpenMPT libopenmpt 0.2.5705 Beta15
openmpt
libopenmpt
0.2.5705
2019-06-03
14h23 +00:00
2019-06-03
14h23 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openmpt:libopenmpt:0.2.5705:beta15:*:*:*:*:*:*

Informations

Vendor

openmpt

Product

libopenmpt

Version

0.2.5705

Update

beta15

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-17113 2019-10-03 21h57 +00:00 In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
9.8
Critical
CVE-2019-14380 2019-07-30 16h35 +00:00 libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files.
6.5
Medium
CVE-2019-14382 2019-07-30 16h34 +00:00 DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
6.5
Medium
CVE-2019-14383 2019-07-30 16h33 +00:00 J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
6.5
Medium
CVE-2018-20860 2019-07-30 16h33 +00:00 libopenmpt before 0.3.13 allows a crash with malformed MED files.
6.5
Medium
CVE-2018-20861 2019-07-30 16h32 +00:00 libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files.
6.5
Medium
CVE-2019-14381 2019-07-30 10h41 +00:00 libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot.
7.5
High
CVE-2018-11710 2018-06-04 13h00 +00:00 soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation.
8.8
High
CVE-2018-10017 2018-04-11 03h00 +00:00 soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.
6.5
Medium
CVE-2018-6611 2018-02-04 11h00 +00:00 soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file.
8.8
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.