Vulnerability Name:

CVE-2017-11311 (CCN-129071)

Assigned:2017-07-13
Published:2017-07-13
Updated:2017-07-27
Summary:soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples.
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2017-11311

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://bugs.debian.org/867579

Source: CCN
Type: Debian Bug report logs - #867579
libopenmpt: CVE-2017-11311

Source: XF
Type: UNKNOWN
libopenmpt-cve201711311-bo(129071)

Source: CCN
Type: libopenmpt Web site
libopenmpt and openmpt123 - libopenmpt security updates 0.2.8461-beta26, 0.2.7561-beta20.5-p7, 0.2.7386-beta20.3-p10

Source: CONFIRM
Type: Patch, Vendor Advisory
https://lib.openmpt.org/libopenmpt/md_announce-2017-07-07.html

Source: CCN
Type: OpenMPT Web site
Open ModPlug Tracker | OpenMPT - Discover the music inside

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://source.openmpt.org/browse/openmpt/branches/OpenMPT-1.26/?op=revision&rev=8438

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://source.openmpt.org/browse/openmpt/trunk/?rev=6800

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openmpt:libopenmpt:*:beta25:*:*:*:*:*:* (Version <= 0.2.8414)
  • OR cpe:/a:openmpt:openmpt:*:*:*:*:*:*:*:* (Version <= 1.26.12.00)

  • Configuration CCN 1:
  • cpe:/a:openmpt:openmpt:1.26.12.00:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:201711311
    V
    CVE-2017-11311
    2023-06-22
    oval:org.opensuse.security:def:7947
    P
    libmodplug-devel-0.3.28-2.13.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:784
    P
    Security update for dpdk (Important)
    2022-09-27
    oval:org.opensuse.security:def:674
    P
    Security update for harfbuzz (Important)
    2022-08-04
    oval:org.opensuse.security:def:3326
    P
    perl-DBD-mysql-4.021-12.5.2 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94956
    P
    libmodplug-devel-0.3.28-2.13.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:1238
    P
    Security update for the Linux Kernel (Important)
    2022-06-14
    oval:org.opensuse.security:def:1366
    P
    Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP3) (Important)
    2022-05-26
    oval:org.opensuse.security:def:1594
    P
    Security update for the Linux Kernel (Important)
    2022-03-30
    oval:org.opensuse.security:def:94065
    P
    (Moderate)
    2022-03-24
    oval:org.opensuse.security:def:112739
    P
    libopenmpt-devel-0.5.11-1.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:1710
    P
    Security update for tomcat (Moderate)
    2021-11-16
    oval:org.opensuse.security:def:106211
    P
    libopenmpt-devel-0.5.11-1.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:71158
    P
    conntrack-tools-1.4.4-1.29 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:71271
    P
    libjson-c-devel-0.13-1.19 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:49451
    P
    Security update for php74-pear (Important)
    2021-09-09
    oval:org.opensuse.security:def:64571
    P
    Security update for apache2 (Important)
    2021-09-03
    oval:org.opensuse.security:def:1120
    P
    Security update for go1.15 (Moderate)
    2021-08-20
    oval:org.opensuse.security:def:48220
    P
    libvpx1-1.3.0-3.3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47656
    P
    kernel-default-4.12.14-94.41.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47306
    P
    libIlmImf-Imf_2_1-21-2.1.0-4.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47896
    P
    supportutils-3.0-95.18.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47441
    P
    logwatch-7.4.3-15.65 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47195
    P
    MozillaFirefox-52.2.0esr-108.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48194
    P
    libsolv-tools-0.6.36-2.16.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47766
    P
    libpng16-16-1.6.8-14.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47210
    P
    augeas-1.2.0-15.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48321
    P
    tar-1.27.1-15.3.7 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48006
    P
    file-5.22-10.12.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47524
    P
    vsftpd-3.0.2-39.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47305
    P
    libHX28-3.18-1.18 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48304
    P
    screen-4.0.4-23.3.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47748
    P
    libneon27-0.30.0-3.64 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47320
    P
    libXrandr2-1.5.0-6.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48110
    P
    libexiv2-12-0.23-12.5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47634
    P
    gstreamer-plugins-base-1.8.3-12.11 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47196
    P
    aaa_base-13.2+git20140911.61c1681-36.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48256
    P
    pam_krb5-2.4.4-4.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47858
    P
    powerpc-utils-1.3.5-3.8 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47331
    P
    libarchive13-3.1.2-25.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48352
    P
    yast2-3.2.50-4.7.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:100778
    P
    amavisd-new-2.11.1-6.3.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:72518
    P
    libmodplug-devel-0.3.19-2.10.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62799
    P
    libmodplug-devel-0.3.19-2.10.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:101205
    P
    libmodplug-devel-0.3.19-2.10.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:1010
    P
    hplip-devel-3.20.11-2.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:1476
    P
    Security update for php7 (Important)
    2021-08-06
    oval:org.opensuse.security:def:48366
    P
    apache-commons-daemon-1.0.15-4.181 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48462
    P
    libX11-6-1.6.2-4.10 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48423
    P
    gdk-pixbuf-loader-rsvg-2.40.15-4.5 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48431
    P
    gnome-settings-daemon-3.20.1-40.5 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48533
    P
    libpcsclite1-1.8.10-3.4 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:64484
    P
    Security update for samba (Important)
    2021-04-29
    oval:org.opensuse.security:def:66745
    P
    Security update for ImageMagick (Moderate)
    2021-04-20
    oval:org.opensuse.security:def:67818
    P
    Security update for the Linux Kernel (Live Patch 22 for SLE 15) (Important)
    2021-03-17
    oval:org.opensuse.security:def:69996
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:117002
    P
    libmodplug-devel-0.3.19-2.10.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72174
    P
    libmodplug-devel-0.3.7-1.35 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62455
    P
    libmodplug-devel-0.3.7-1.35 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:89915
    P
    libmodplug-devel-0.3.9-3.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72284
    P
    libmodplug-devel-0.3.9-3.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:103570
    P
    libmodplug-devel-0.3.9-3.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62565
    P
    libmodplug-devel-0.3.9-3.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72402
    P
    libmodplug-devel-0.3.19-2.10.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107444
    P
    libmodplug-devel-0.3.19-2.10.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62683
    P
    libmodplug-devel-0.3.19-2.10.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:49625
    P
    fwupd on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49561
    P
    libmodplug-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73318
    P
    socat on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:67918
    P
    libmodplug-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49397
    P
    emacs-x11 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49679
    P
    libmodplug-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:66653
    P
    xen-libs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:70101
    P
    libmodplug-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73436
    P
    libmodplug-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49507
    P
    cups-pk-helper on GA media (Moderate)
    2020-12-01
    oval:com.ubuntu.artful:def:201711311000
    V
    CVE-2017-11311 on Ubuntu 17.10 (artful) - medium.
    2017-07-17
    BACK
    openmpt libopenmpt * beta25
    openmpt openmpt *
    openmpt openmpt 1.26.12.00