CVE-2016-10694

Name of the Vulnerable Software and Affected Versions alto-saxophone versions prior to 2.25.1

Description The issue concerns the insecure download of binary resources over HTTP, making it susceptible to man-in-the-middle (MITM) attacks. An attacker with a privileged network position could intercept the response and replace the executable with a malicious one, potentially leading to remote code execution (RCE) on the system running the software.

Recommendations Update to version 2.25.1 or later.