Candidate: CVE-2018-10753
PublicDate: 2018-05-05 02:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10753
 https://github.com/leesavide/abcm2ps/issues/16
 https://github.com/leesavide/abcm2ps/commit/fd956e19f88ee32f8ec4aece5901400b06e80bcc
 https://drive.google.com/drive/u/2/folders/1DvBEh5D-eW4UkvX3947UQh62i7hUIFN1
Description:
 Stack-based buffer overflow in the delayed_output function in music.c in
 abcm2ps through 8.13.20 allows remote attackers to cause a denial of
 service (application crash) or possibly have unspecified other impact.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897966
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_abcm2ps:
upstream_abcm2ps: needs-triage
precise/esm_abcm2ps: DNE
trusty_abcm2ps: ignored (reached end-of-life)
trusty/esm_abcm2ps: DNE (trusty was needs-triage)
xenial_abcm2ps: ignored (end of standard support, was needed)
artful_abcm2ps: ignored (reached end-of-life)
bionic_abcm2ps: needed
cosmic_abcm2ps: ignored (reached end-of-life)
disco_abcm2ps: not-affected (8.14.2-0.2)
eoan_abcm2ps: not-affected (8.14.2-0.2)
focal_abcm2ps: not-affected (8.14.2-0.2)
groovy_abcm2ps: not-affected (8.14.2-0.2)
hirsute_abcm2ps: not-affected (8.14.2-0.2)
impish_abcm2ps: not-affected (8.14.2-0.2)
jammy_abcm2ps: not-affected (8.14.2-0.2)
devel_abcm2ps: not-affected (8.14.2-0.2)