Denial of Service Vulnerability in WildMIDI 0.4.2 via Crafted MID File

Denial of Service Vulnerability in WildMIDI 0.4.2 via Crafted MID File

CVE-2017-11664 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

The _WM_SetupMidiEvent function in internal_midi.c:2122 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.

Learn more about our Internal Network Penetration Testing.