GoogleOSV:USN-4780-1lame vulnerabilities
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.3 Medium
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
79.0%
It was discovered that LAME incorrectly handled certain audio files. A
remote attacker could possibly use this issue to cause a denial of service. Eight
vulnerabilities (CVE-2015-9099, CVE-2015-9100, CVE-2015-9101, CVE-2017-15018,
CVE-2017-11720, CVE-2017-8419, CVE-2017-9412, CVE-2017-15045) only affected Ubuntu 14.04
ESM, two vulnerabilities (CVE-2017-9410 and CVE-2017-9411) only affected Ubuntu
16.04 ESM, and one vulnerability (CVE-2017-15019) affected both Ubuntu 14.04
ESM and Ubuntu 16.04.
References
ubuntu.com/security/CVE-2015-9099
ubuntu.com/security/CVE-2015-9100
ubuntu.com/security/CVE-2015-9101
ubuntu.com/security/CVE-2017-11720
ubuntu.com/security/CVE-2017-13712
ubuntu.com/security/CVE-2017-15018
ubuntu.com/security/CVE-2017-15019
ubuntu.com/security/CVE-2017-15045
ubuntu.com/security/CVE-2017-8419
ubuntu.com/security/CVE-2017-9410
ubuntu.com/security/CVE-2017-9411
ubuntu.com/security/CVE-2017-9412
ubuntu.com/security/notices/USN-4780-1
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.3 Medium
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
79.0%