Vulnerabilities > CVE-2019-14382 - Reachable Assertion vulnerability in Openmpt Libopenmpt

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
openmpt
CWE-617
nessus

Summary

DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.

Vulnerable Configurations

Part Description Count
Application
Openmpt
66

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2435-1.NASL
    descriptionThis update for libopenmpt fixes the following issues : Security issues fixed : CVE-2018-20861: Fixed crash with certain malformed custom tunings in MPTM files (bsc#1143578). CVE-2018-20860: Fixed crash with malformed MED files (bsc#1143581). CVE-2019-14383: Fixed J2B that allows an assertion failure during file parsing with debug STLs (bsc#1143584). CVE-2019-14382: Fixed DSM that allows an assertion failure during file parsing with debug STLs (bsc#1143582). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id129285
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129285
    titleSUSE SLED15 / SLES15 Security Update : libopenmpt (SUSE-SU-2019:2435-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2212.NASL
    descriptionThis update for libopenmpt fixes the following issues : Security issues fixed : - CVE-2018-20861: Fixed crash with certain malformed custom tunings in MPTM files (bsc#1143578). - CVE-2018-20860: Fixed crash with malformed MED files (bsc#1143581). - CVE-2019-14383: Fixed J2B that allows an assertion failure during file parsing with debug STLs (bsc#1143584). - CVE-2019-14382: Fixed DSM that allows an assertion failure during file parsing with debug STLs (bsc#1143582). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id129462
    published2019-09-30
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129462
    titleopenSUSE Security Update : libopenmpt (openSUSE-2019-2212)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2213.NASL
    descriptionThis update for libopenmpt fixes the following issues : Security issues fixed : - CVE-2018-20861: Fixed crash with certain malformed custom tunings in MPTM files (bsc#1143578). - CVE-2018-20860: Fixed crash with malformed MED files (bsc#1143581). - CVE-2019-14383: Fixed J2B that allows an assertion failure during file parsing with debug STLs (bsc#1143584). - CVE-2019-14382: Fixed DSM that allows an assertion failure during file parsing with debug STLs (bsc#1143582). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id129463
    published2019-09-30
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129463
    titleopenSUSE Security Update : libopenmpt (openSUSE-2019-2213)