CVE-2017-12954

2017-08-2819:00:00

mitre

www.cve.org

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

57.6%

JSON

The gig::Region::GetSampleFromWavePool function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted gig file.

References

seclists.org/fulldisclosure/2017/Aug/39

www.exploit-db.com/exploits/42546/