CVE-2017-14407

2017-09-1303:00:00

mitre

www.cve.org

mp3gain

filteryule

buffer over-read

vulnerability

denial of service

AI Score

6.1

Confidence

High

EPSS

0.002

Percentile

53.8%

JSON

A stack-based buffer over-read was discovered in filterYule in gain_analysis.c in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.

References

blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-filteryule-gain_analysis-c/