PT-2022-22437 · Unknown+1 · Milkytracker+1

Eternaleclipse

Published

2022-08-03

Updated

2022-08-09

CVE-2022-34927

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MilkyTracker version 1.03.00

Description The issue is a stack overflow in the LoaderXM::load component. It is triggered when a crafted XM module file is supplied to the program.

Recommendations For MilkyTracker version 1.03.00, consider avoiding the use of the LoaderXM::load component until a patch is available. As a temporary workaround, restrict the loading of XM module files to minimize the risk of exploitation.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2022-34927

Affected Products

Debian

Milkytracker

PT-2022-22437 · Unknown+1 · Milkytracker+1

CVE-2022-34927

Weakness Enumeration

Related Identifiers

Affected Products

References · 12