ID CVE-2016-9961
Summary game-music-emu before 0.6.1 mishandles unspecified integer values.
References
Vulnerable Configurations
  • cpe:2.3:a:game-music-emu_project:game-music-emu:0.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:game-music-emu_project:game-music-emu:0.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:game-music-emu_project:game-music-emu:0.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:game-music-emu_project:game-music-emu:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0:sp2:*:*:*:*:*:*
    cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0:sp2:*:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp2:*:*:*:*:*:*
    cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp2:*:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp2:*:*:*:*:*:*
    cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp2:*:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
    cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
    cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp2:*:*:*:*:raspberry_pi:*
    cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp2:*:*:*:*:raspberry_pi:*
  • cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
    cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 12-09-2023 - 14:45)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 95305
confirm
fedora
  • FEDORA-2016-04383482b4
  • FEDORA-2016-fbf9f8b204
  • FEDORA-2017-3d771a1702
  • FEDORA-2017-5bf9a268df
gentoo GLSA-201707-02
misc https://scarybeastsecurity.blogspot.cz/2016/12/redux-compromising-linux-using-snes.html
mlist [oss-security] 20161215 Re: CVE Request: Game Music Emulators: incorrect emulation of the SPC700 audio co-processor of SNES: arbitrary code execution via malformed SPC music file
suse
  • SUSE-SU-2016:3250
  • openSUSE-SU-2017:0022
Last major update 12-09-2023 - 14:45
Published 06-06-2017 - 18:29
Last modified 12-09-2023 - 14:45
Back to Top