12 matches found
CVE-2026-1765 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and potential information disclosure via crafted mp3 files
A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...
EUVD-2017-4436
Malware in sbrugna...
USN-7092-2 mpg123 vulnerability
USN-7092-1 fixed a vulnerability in mpg123. Bastien Roucariès discovered that the fix was incomplete on Ubuntu 20.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or...
SUSE CVE-2017-9545
The nexttext function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service buffer over-read via a crafted mp3 file...
DEBIAN-CVE-2021-40826
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine...
CVE-2019-15971
A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of certain MP3 file types. An attacker...
Free MP3 CD Ripper Buffer Overflow Vulnerability (CNVD-2019-07812)
Free MP3 CD Ripper is an audio format converter. A stack buffer overflow vulnerability exists in Free MP3 CD Ripper version 2.6. A remote attacker can exploit this vulnerability to execute arbitrary code via specially crafted .mp3 files...
CVE-2017-12912
The "mpglibDBL/layer3.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a read access violation when opening a crafted MP3 file...
DEBIAN-CVE-2017-12911
The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory corruption when opening a crafted MP3 file...
DEBIAN-CVE-2017-9545
The nexttext function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service buffer over-read via a crafted mp3 file...
Mozilla Firefox Arbitrary Code Execution Vulnerability (CNVD-2015-02207)
Mozilla Firefox is a web browser developed by the Mozilla Foundation in conjunction with the open source community. Mozilla Firefox has a security vulnerability. It allows attackers to construct malicious MP3 files and trick users into parsing them for arbitrary code execution or denial of servic...
CVE-2012-6618
The avprobeinputbuffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service crash via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."...