CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
53.5%
qflb.wu of DBAPPSecurity reports:
Ihe insert_note_steps function in readmidi.c in TiMidity++ 2.14.0
can cause a denial of service(divide-by-zero error and application
crash) via a crafted mid file.
The resample_gauss function in resample.c in TiMidity++ 2.14.0
can cause a denial of service(heap-buffer-overflow) via a crafted
mid file.
The play_midi function in playmidi.c in TiMidity++ 2.14.0 can
cause a denial of service(large loop and CPU consumption) via
a crafted mid file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | timidity++ | < 2.15.0 | UNKNOWN |
FreeBSD | any | noarch | timidity++-emacs | < 2.15.0 | UNKNOWN |
FreeBSD | any | noarch | timidity++-gtk | < 2.15.0 | UNKNOWN |
FreeBSD | any | noarch | timidity++-motif | < 2.15.0 | UNKNOWN |
FreeBSD | any | noarch | timidity++-slang | < 2.15.0 | UNKNOWN |
FreeBSD | any | noarch | timidity++-tcltk | < 2.15.0 | UNKNOWN |
FreeBSD | any | noarch | timidity++-xaw | < 2.15.0 | UNKNOWN |
FreeBSD | any | noarch | timidity++-xskin | < 2.15.0 | UNKNOWN |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
53.5%