CVE-2022-34927

HIGH

MilkyTracker v1.03.00 - Stack Overflow in LoaderXM::load

Title source: llm
STIX 2.1

Description

MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. This vulnerability is triggered when the program is supplied a crafted XM module file.

References (2)

Core 2
Core References
Exploit, Issue Tracking, Mitigation, Patch, Third Party Advisory x_refsource_misc
https://github.com/milkytracker/MilkyTracker/issues/275

Scores

CVSS v3 7.8
EPSS 0.0037
EPSS Percentile 29.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
milkytracker_project/milkytracker 1.03.00
Published Aug 03, 2022
Tracked Since Feb 18, 2026