GLSA-201707-02 : Game Music Emu: Multiple vulnerabilities

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-201707-02
(Game Music Emu: Multiple vulnerabilities)

Multiple vulnerabilities have been discovered in Game Music Emu. Please
review the CVE identifiers referenced below for details.

Impact :

A remote attacker could entice a user to open a specially crafted SPC
music file, using Game Music Emu or an application linked against the
Game Music Emu library, possibly resulting in execution of arbitrary code
with the privileges of the process or a Denial of Service condition.

Workaround :

There is no known workaround at this time.

See also :

https://security.gentoo.org/glsa/201707-02

Solution :

All Game Music Emu users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/game-music-emu-0.6.1'

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Gentoo Local Security Checks

Nessus Plugin ID: 101333 ()

Bugtraq ID:

CVE ID: CVE-2016-9957
CVE-2016-9958
CVE-2016-9959
CVE-2016-9960
CVE-2016-9961

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now