Out of Bounds Vulnerability in Game Music Emu by Multiple Vendors
CVE-2016-9959

7.8HIGH

Key Information:

Vendor

Opensuse Project

Status
Leap
Linux Enterprise Software Development Kit
Linux Enterprise Desktop
Linux Enterprise
Vendor
CVE Published:
12 April 2017

What is CVE-2016-9959?

Game Music Emu versions prior to 0.6.1 are susceptible to an out of bounds vulnerability that can be exploited by remote attackers. This flaw allows the execution of arbitrary code through malformed SPC music files. Such an attack can result in unexpected behavior or crashes, particularly when the SPC700 audio co-processor of the Super Nintendo Entertainment System is emulated improperly. Users are urged to update to the latest version to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA
http://www.securityfocus.com/bid/95305
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.