8 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9412
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The unpackreadsamples function in frontend/getaudio.c in LAME 3.99.5 allows remote attackers to cause a denial of service invalid memory read and application...
Ubuntu 16.04 ESM : LAME vulnerabilities (USN-4780-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4780-1 advisory. It was discovered that LAME incorrectly handled certain audio files. A remote attacker could possibly use this issue to cause a denial of service. Eight...
Ubuntu: Security Advisory (USN-4780-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4780-1: LAME vulnerabilities
It was discovered that LAME incorrectly handled certain audio files. A remote attacker could possibly use this issue to cause a denial of service. Eight vulnerabilities CVE-2015-9099, CVE-2015-9100, CVE-2015-9101, CVE-2017-15018, CVE-2017-11720, CVE-2017-8419, CVE-2017-9412, CVE-2017-15045 only...
Mageia: Security Advisory (MGASA-2017-0434)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : lame (openSUSE-2018-214)
This update for lame fixes the following issues : Lame was updated to version 3.100 : - Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection - New switch --gain , range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the u...
Stack overflow
LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpackreadsamples in frontend/getaudio.c, a different vulnerability than CVE-2017-9412...
CVE-2017-9412
CVE-2017-9412 affects LAME 3.99.5, where unpack_read_samples in frontend/get_audio.c can be triggered by a crafted WAV file to cause a denial of service via an invalid memory read and application crash. Public advisories indicate fixes in newer LAME releases (e.g., LAME 3.100), and several packag...