Game-Music-Emu Project Game-Music-Emu vulnerabilities

CVE-2017-17446 [MEDIUM] CWE-681 CVE-2017-17446: The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game- The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

CVE-2016-9961 [CRITICAL] CWE-189 CVE-2016-9961: game-music-emu before 0.6.1 mishandles unspecified integer values. game-music-emu before 0.6.1 mishandles unspecified integer values.

CVE-2016-9960 [MEDIUM] CWE-369 CVE-2016-9960: game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and proc game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).

CVE-2016-9959 [HIGH] CWE-125 CVE-2016-9959: game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.

CVE-2016-9958 [HIGH] CWE-119 CVE-2016-9958: game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.

CVE-2016-9957 [HIGH] CWE-119 CVE-2016-9957: Stack-based buffer overflow in game-music-emu before 0.6.1. Stack-based buffer overflow in game-music-emu before 0.6.1.