Description
The resample_gauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a setuid-root installation.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2017-3163 | The resample_gauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a setuid-root installation. |
References
| Link | Providers |
|---|---|
| http://seclists.org/fulldisclosure/2017/Jul/83 |
|
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T18:12:40.316Z
Reserved: 2017-07-22T00:00:00.000Z
Link: CVE-2017-11547
No data.
Status : Modified
Published: 2017-07-31T13:29:01.253
Modified: 2026-06-17T01:01:58.830
Link: CVE-2017-11547
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD