CVE-2017-11663 (NVD)

2017-08-17

The _WM_SetupMidiEvent function in internal_midi.c:2315 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.

Products Wildmidi
Type Out-of-bounds Read (CWE-125)
First patch - None (likely due to unavailable code)
Links http://seclists.org/fulldisclosure/2017/Aug/12
https://www.exploit-db.com/exploits/42433/