High severity7.8NVD Advisory· Published Jul 17, 2017· Updated May 13, 2026

CVE-2017-11311

Description

soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples.

Affected products

Openmpt/Libopenmpt
cpe:2.3:a:openmpt:libopenmpt:*:beta25:*:*:*:*:*:*
Range: <=0.2.8414
Openmpt/Openmpt
cpe:2.3:a:openmpt:openmpt:*:*:*:*:*:*:*:*
Range: <=1.26.12.00

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.debian.org/867579nvdIssue TrackingPatchThird Party Advisory
lib.openmpt.org/libopenmpt/md_announce-2017-07-07.htmlnvdPatchVendor Advisory
source.openmpt.org/browse/openmpt/branches/OpenMPT-1.26/nvdIssue TrackingPatchThird Party Advisory
source.openmpt.org/browse/openmpt/trunk/nvdIssue TrackingPatchThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000