240 matches found
Segmentation Fault
mpg123 is vulnerable to segmentation fault. An attacker may parse a malformed ID3 header size in id3.c:755:765 to unsigned long underflow in mpg123 to create a segmentation fault...
CVE-2018-9437
In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0...
CVE-2018-9437
In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0...
Out-of-bounds
In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0...
CVE-2018-9437
In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0...
CVE-2018-9437
CVE-2018-9437 involves an out-of-bounds read in getstring() of ID3.cpp, causing a possible remote denial of service in Android. Affected products/versions: Android 6.0–8.1 (as listed). Root cause: missing bounds check on string handling. Impact: DoS with user interaction required (per CVSS3: Loca...
[SECURITY] Fedora 28 Update: mingw-libid3tag-0.15.1b-24.fc28
libid3tag is a library for reading and eventually writing ID3 tags, both ID3v1 and the various versions of ID3v2...
CVE-2018-3594
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while parsing ...
Buffer overflow
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while parsing ...
CVE-2018-3594
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while parsing ...
[SECURITY] Fedora 27 Update: libid3tag-0.15.1b-26.fc27
libid3tag is a library for reading and eventually writing ID3 tags, both ID3v1 and the various versions of ID3v2...
[SECURITY] Fedora 28 Update: libid3tag-0.15.1b-28.fc28
libid3tag is a library for reading and eventually writing ID3 tags, both ID3v1 and the various versions of ID3v2...
SUSE SLED12 Security Update : libid3tag (SUSE-SU-2018:0722-1)
This update for libid3tag fixes the following issues : - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...
SUSE-SU-2018:0722-1 Security update for libid3tag
This update for libid3tag fixes the following issues: - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...
SUSE-SU-2018:0715-1 Security update for libid3tag
This update for libid3tag fixes the following issues: - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...
AZL-36950 CVE-2004-2779 affecting package libid3tag for versions less than 0.16.3-7
id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service DoS...
DEBIAN-CVE-2004-2779
id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service DoS...
PT-2018-4015 · Underbit Technologies +2 · Libid3Tag +2
Name of the Vulnerable Software and Affected Versions: libid3tag versions 0.15.1b and earlier Description: The issue arises from the id3 utf16 deserialize function in utf16.c, which misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes. This triggers an endless loop that allocates...
CVE-2017-13200
An information disclosure vulnerability in the Android media framework av related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526...
Information disclosure
An information disclosure vulnerability in the Android media framework av related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526...