Lucene search

[email protected]NVD:CVE-2023-49356

HistoryDec 22, 2023 - 10:15 a.m.

CVE-2023-49356

2023-12-2210:15:11

CWE-787

[email protected]

web.nvd.nist.gov

mp3gain

v1.6.2

stack buffer overflow

vulnerability

denial of service

writemp3gainapetag

apetag.c

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.0%

JSON

A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592.

Affected configurations

Nvd

Node

glensawyermp3gainMatch1.6.2

VendorProductVersionCPE
glensawyermp3gain1.6.2cpe:2.3:a:glensawyer:mp3gain:1.6.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
glensawyer	mp3gain	1.6.2	cpe:2.3:a:glensawyer:mp3gain:1.6.2:::::::*

References

github.com/linzc21/bug-reports/blob/main/reports/mp3gain/1.6.2/stack-buffer-overflow/CVE-2023-49356.md

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.0%

JSON

Related for NVD:CVE-2023-49356

ubuntucve1 veracode1 cvelist1 debiancve1 prion1 cve1