Base Score

CRITICAL9.8

CVE-2016-9961

game-music-emu before 0.6.1 mishandles unspecified integer values.

VectorNETWORK

Published Bysecurity@debian.org

Published DateJun 06, 2017, 18:29

Weakness Type (CWE):CWE-189

CVSS Metrics

Base Score

9.8

Vector String

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Severity

CRITICAL

Version

3.0

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH

References

http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html
http://www.openwall.com/lists/oss-security/2016/12/15/11
http://www.securityfocus.com/bid/95305
https://bitbucket.org/mpyne/game-music-emu/wiki/Home
https://bugzilla.redhat.com/show_bug.cgi?id=1405423
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6/
https://scarybeastsecurity.blogspot.cz/2016/12/redux-compromising-linux-using-snes.html
https://security.gentoo.org/glsa/201707-02

Base Score

CRITICAL9.8

Weakness Type (CWE):CWE-189

CVSS Metrics

Base Score

9.8

Vector String

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Severity

CRITICAL

Version

3.0

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH