5.3

CVE-2021-32419

Exploit
An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SchismtrackerSchism Tracker Version < 20200412
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.62% 0.447
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://github.com/schismtracker/schismtracker/commit/1e2cc389a2a058fd13d99460c11115a6f7f7a6a4
Patch
https://github.com/schismtracker/schismtracker/issues/249
Vendor Advisory
Exploit
Issue Tracking