Openmpt Libopenmpt vulnerabilities

CVE-2019-17113 [CRITICAL] CWE-120 CVE-2019-17113: In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.

CVE-2019-14381 [HIGH] CWE-476 CVE-2019-14381: libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento fro libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot.

CVE-2018-20860 [MEDIUM] CWE-20 CVE-2018-20860: libopenmpt before 0.3.13 allows a crash with malformed MED files. libopenmpt before 0.3.13 allows a crash with malformed MED files.

CVE-2019-14383 [MEDIUM] CWE-617 CVE-2019-14383: J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.

CVE-2019-14380 [MEDIUM] CWE-125 CVE-2019-14380: libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 fi libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files.

CVE-2019-14382 [MEDIUM] CWE-617 CVE-2019-14382: DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.

CVE-2018-20861 [MEDIUM] CWE-20 CVE-2018-20861: libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files. libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files.

CVE-2018-11710 [HIGH] CWE-787 CVE-2018-11710: soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service ( soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation.

CVE-2018-10017 [MEDIUM] CWE-125 CVE-2018-10017: soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.

CVE-2018-6611 [HIGH] CWE-125 CVE-2018-6611: soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-boun soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file.

CVE-2017-11311 [HIGH] CWE-119 CVE-2017-11311: soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples.