CVE-2016-9959

HIGH

Opensuse Leap < 0.6.0 - Out-of-Bounds Write

Title source: rule
STIX 2.1

Description

game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.

References (11)

Core 11
Core References
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95305
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/12/15/11
Exploit, Technical Description, Third Party Advisory x_refsource_misc
https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201707-02
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html

Scores

CVSS v3 7.8
EPSS 0.0031
EPSS Percentile 54.5%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-125 CWE-787
Status published
Products (9)
game-music-emu_project/game-music-emu < 0.6.0
opensuse/leap 42.2
opensuse/opensuse 12.1
opensuse_project/leap 42.1
suse/linux_enterprise 12.0
suse/linux_enterprise_desktop 12
suse/linux_enterprise_software_development_kit 12
suse/linux_enterprise_workstation_extension 12
suse/suse_linux_enterprise_server 12
Published Apr 12, 2017
Tracked Since Feb 18, 2026