14 matches found
SUSE CVE-2017-15045
LAME 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4, 3.99.5, 3.98.4, 3.98.2 and 3.98 has a heap-based buffer over-read in fillbuffer in libmp3lame/util.c, related to lameencodebuffersamplet in libmp3lame/lame.c, a different vulnerability than CVE-2017-9410...
USN-4780-1 lame vulnerabilities
It was discovered that LAME incorrectly handled certain audio files. A remote attacker could possibly use this issue to cause a denial of service. Eight vulnerabilities CVE-2015-9099, CVE-2015-9100, CVE-2015-9101, CVE-2017-15018, CVE-2017-11720, CVE-2017-8419, CVE-2017-9412, CVE-2017-15045 only...
UBUNTU-CVE-2017-15045
LAME 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4, 3.99.5, 3.98.4, 3.98.2 and 3.98 has a heap-based buffer over-read in fillbuffer in libmp3lame/util.c, related to lameencodebuffersamplet in libmp3lame/lame.c, a different vulnerability than CVE-2017-9410...
UBUNTU-CVE-2017-15018
LAME 3.99.5, 3.99.4, 3.99.3, 3.99.2, 3.99.1, 3.99, 3.98.4, 3.98.2 and 3.98 have a heap-based buffer over-read when handling a malformed file in k344 in vbrquantize.c...
LAME III_dequantize_sample function stack buffer overflow vulnerability
LAME is an open source MP3 audio compression software. A stack buffer overflow vulnerability exists in the LAME libmpgdecoder.a/mpglib/layer3.c/IIIdequantizesample function, which allows remote attackers to exploit the vulnerability by submitting a special file that induces the user to parse it,...
LAME 'III_i_stereo' function stack buffer overflow vulnerability
LAME is LAME team developed a set of open source MP3 audio compression software. mpglib is one of the mpg decoding library . A security vulnerability exists in the 'IIIistereo' function in the layer3.c file of mpglib in LAME version 3.99.5 and other products. A remote attacker could exploit this...
LAME II_step_one function buffer overflow vulnerability
LAME is an open source MP3 audio compression software. A buffer overflow vulnerability exists in the LAME libmpgdecoder.a/mpglib/layer2.c/IIstepone function, which allows remote attackers to exploit the vulnerability by submitting a special file that induces the user to parse it, which can crash...
LAME fill_buffer_resample function heap buffer overflow vulnerability
LAME is an open source MP3 audio compression software. A heap buffer overflow vulnerability exists in the LAME libmp3lame.a/util.c/fillbufferresample function, which allows remote attackers to exploit the vulnerability by submitting a special file and tricking the user into parsing it, which can...
DEBIAN-CVE-2015-9101
The fillbufferresample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...
UBUNTU-CVE-2015-9100
The fillbufferresample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted audio file...
DEBIAN-CVE-2015-9099
The lameinitparams function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service invalid read and application crash via a crafted audio file with a negative sample rate...
UBUNTU-CVE-2015-9099
The lameinitparams function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service invalid read and application crash via a crafted audio file with a negative sample rate...
UBUNTU-CVE-2015-9101
The fillbufferresample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...
ALPINE-CVE-2015-9100
The fillbufferresample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted audio file...