MantisBT - Zandronum | |||||
View Issue Details | |||||
ID | Project | Category | View Status | Date Submitted | Last Update |
0002961 | Zandronum | [All Projects] Bug | public | 2016-12-16 16:17 | 2018-09-30 21:48 |
Reporter | Balrog | ||||
Assigned To | Torr Samaho | ||||
Priority | high | Severity | exploit | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Platform | OS | OS Version | |||
Product Version | 2.1 | ||||
Target Version | 3.0 | Fixed in Version | 3.0 | ||
Summary | 0002961: Code execution vulnerability in Game_Music_Emu | ||||
Description | 'http://forum.zdoom.org/viewtopic.php?f=7&t=54613 [^]' The tl;dr is that Game_Music_Emu has a couple bugs in it that can enable arbitrary code execution by playing a malformed SPC file. The fix is trivial, and already pushed to ZDoom git, but I'm still reporting it here because it's a security bug and fixing it requires rebuilding with an updated libgme if it's statically linked. | ||||
Steps To Reproduce | |||||
Additional Information | |||||
Tags | No tags attached. | ||||
Relationships | |||||
Attached Files | |||||
Issue History | |||||
Date Modified | Username | Field | Change | ||
2016-12-16 16:17 | Balrog | New Issue | |||
2016-12-22 19:49 | Torr Samaho | Note Added: 0016541 | |||
2016-12-22 19:49 | Torr Samaho | Product Version | => 2.1 | ||
2016-12-22 19:49 | Torr Samaho | Target Version | => 3.0 | ||
2016-12-22 19:49 | Torr Samaho | Assigned To | => Torr Samaho | ||
2016-12-22 19:49 | Torr Samaho | Status | new => needs testing | ||
2017-03-06 05:47 | Ru5tK1ng | Note Added: 0016951 | |||
2017-03-06 05:47 | Ru5tK1ng | Status | needs testing => resolved | ||
2017-03-06 05:47 | Ru5tK1ng | Resolution | open => fixed | ||
2017-03-06 05:47 | Ru5tK1ng | Fixed in Version | => 3.0 | ||
2018-09-30 21:48 | Blzut3 | Status | resolved => closed |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|