CVE-2017-11662 (NVD)

2017-08-17

The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.

Products Wildmidi
Type Out-of-bounds Read (CWE-125)
First patch - None (likely due to unavailable code)
Links https://www.exploit-db.com/exploits/42433/
http://seclists.org/fulldisclosure/2017/Aug/12