7 matches found
SUSE CVE-2008-2109
field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service CPU consumption via an ID3FIELDTYPESTRINGLIST field that ends in '\0', which triggers an infinite loop...
SUSE SLED12 Security Update : libid3tag (SUSE-SU-2018:0722-1)
This update for libid3tag fixes the following issues : - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...
Fedora Update for libid3tag FEDORA-2008-3757
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for libid3tag FEDORA-2008-3976
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for libid3tag FEDORA-2008-3874
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
GLSA-200805-15 : libid3tag: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200805-15 libid3tag: Denial of Service Kentaro Oda reported an infinite loop in the file field.c when parsing an MP3 file with an ID3FIELDTYPESTRINGLIST field that ends in '\0'. Impact : A remote attacker could entice a user to op...
CVE-2008-2109
CVE-2008-2109 affects libid3tag 0.15.0b’s ID3_FIELD_TYPE_STRINGLIST handling, where a field ending in '\0' can cause an infinite loop and DoS. Connected advisories confirm this CVE alongside other libid3tag issues and indicate that fixes were released in subsequently updated libid3tag packages (e...