VDB

GCVE-110-MAGEIA-2017-46

GCVE-110-MAGEIA-2017-46
Advisory Published
Vulnetix · Advisory published February 11, 2017
Chris Evans discovered that incorrect emulation of the SPC700 audio co-processor of the Super Nintendo Entertainment System allows the execution of arbitrary code if a malformed SPC music file is opened (CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961). These issues were previously fixed in MGASA-2016-0428 in the game-music-emu library, but audacious-plugins contains a decoder built with a bundled copy, which has been patched to fix the issues.

Affected Products

VendorProductVersionsPlatforms
Mageiagwakeonlan0 (affected), 0.6.3-2.1.mga6 (unaffected)
Mageiaaudacious-plugins0 (affected), 3.5.2-2.1.mga5 (unaffected), 0 (affected), 3.5.2-2.1.mga5.tainted (unaffected), 0 (affected), 0 (affected), 3.5.2-2.1.mga5 (unaffected), 3.5.2-2.1.mga5.tainted (unaffected)

Browse GCVE Records

73,118 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›