Vulnerabilities > CVE-2022-34927 - Out-of-bounds Write vulnerability in Milkytracker Project Milkytracker 1.03.00

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

milkytracker-project

CWE-787

NVD

Published: 2022-08-03

Updated: 2024-11-21

Summary

MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. This vulnerability is triggered when the program is supplied a crafted XM module file.

Vulnerable Configurations

Part	Description	Count
Application	Milkytracker_Project Milkytracker Project Milkytracker 1.03.00	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/milkytracker/MilkyTracker/commit/3a5474f9102cbdc10fbd9e7b1b2c8d3f3f45d91b
https://github.com/milkytracker/MilkyTracker/commit/3a5474f9102cbdc10fbd9e7b1b2c8d3f3f45d91b
https://github.com/milkytracker/MilkyTracker/issues/275
https://github.com/milkytracker/MilkyTracker/issues/275