Candidate: CVE-2017-1000418
PublicDate: 2018-01-02 18:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000418
 https://github.com/Mindwerks/wildmidi/commit/814f31d8eceda8401eb812fc2e94ed143fdad0ab
 https://github.com/Mindwerks/wildmidi/issues/178
Description:
 The WildMidi_Open function in WildMIDI since commit
 d8a466829c67cacbb1700beded25c448d99514e5 allows remote attackers to cause a
 denial of service (heap-based buffer overflow and application crash) or
 possibly have unspecified other impact via a crafted file.
Ubuntu-Description:
Notes:
Bugs:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [7.8 HIGH]


Patches_wildmidi:
upstream_wildmidi: released (0.4.2-1)
precise/esm_wildmidi: DNE
trusty_wildmidi: not-affected (code not present)
trusty/esm_wildmidi: not-affected (code not present)
xenial_wildmidi: not-affected (code not present)
zesty_wildmidi: ignored (reached end-of-life)
artful_wildmidi: ignored (reached end-of-life)
bionic_wildmidi: not-affected (0.4.2-1)
cosmic_wildmidi: not-affected (0.4.2-1)
devel_wildmidi: not-affected (0.4.2-1)