cbcvebase.
CVE-2017-12951
published 2017-08-28

CVE-2017-12951: The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (stack-based buffer…

medium6.5CVSS 3.0
AVNACLPRNUIRSUCNINAH
EXPLOIT
The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted gig file.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianlibgig< libgig 4.0.0-5 (bookworm)libgig 4.0.0-5 (bookworm)
libgig0libgig
linuxsamplerlibgig>= 0 < 4.0.0-54.0.0-5
linuxsamplerlibgig>= 0 < 4.0.0-54.0.0-5
linuxsamplerlibgig>= 0 < 4.0.0-54.0.0-5
linuxsamplerlibgig>= 0 < 4.0.0-54.0.0-5

CVSS provenance

nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM