Lucene search
+L

240 matches found

Veracode
Veracode
added 2020/12/06 4:7 a.m.15 views

Segmentation Fault

mpg123 is vulnerable to segmentation fault. An attacker may parse a malformed ID3 header size in id3.c:755:765 to unsigned long underflow in mpg123 to create a segmentation fault...

3.5AI score
Exploits0References1Affected Software1
NVD
NVD
added 2018/11/06 5:29 p.m.24 views

CVE-2018-9437

In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0...

7.1CVSS5.8AI score0.00884EPSS
Exploits0References2
OSV
OSV
added 2018/11/06 5:29 p.m.3 views

CVE-2018-9437

In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0...

5.5CVSS5.9AI score0.00884EPSS
Exploits0References2
Prion
Prion
added 2018/11/06 5:29 p.m.23 views

Out-of-bounds

In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0...

7.1CVSS5.5AI score0.00884EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/11/06 5:0 p.m.24 views

CVE-2018-9437

In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0...

5.5AI score0.00884EPSS
Exploits0References2
CVE
CVE
added 2018/11/06 5:0 p.m.47 views

CVE-2018-9437

CVE-2018-9437 involves an out-of-bounds read in getstring() of ID3.cpp, causing a possible remote denial of service in Android. Affected products/versions: Android 6.0–8.1 (as listed). Root cause: missing bounds check on string handling. Impact: DoS with user interaction required (per CVSS3: Loca...

7.1CVSS5.8AI score0.00884EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2018/04/15 2:43 a.m.16 views

[SECURITY] Fedora 28 Update: mingw-libid3tag-0.15.1b-24.fc28

libid3tag is a library for reading and eventually writing ID3 tags, both ID3v1 and the various versions of ID3v2...

7.5CVSS3.5AI score0.02507EPSS
Exploits0
NVD
NVD
added 2018/04/11 3:29 p.m.19 views

CVE-2018-3594

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while parsing ...

10CVSS8.7AI score0.01323EPSS
Exploits0References2
Prion
Prion
added 2018/04/11 3:29 p.m.20 views

Buffer overflow

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while parsing ...

10CVSS9.6AI score0.01323EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/04/11 3:0 p.m.23 views

CVE-2018-3594

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while parsing ...

9.8AI score0.01323EPSS
Exploits0References2
Fedora
Fedora
added 2018/04/09 7:9 p.m.24 views

[SECURITY] Fedora 27 Update: libid3tag-0.15.1b-26.fc27

libid3tag is a library for reading and eventually writing ID3 tags, both ID3v1 and the various versions of ID3v2...

7.5CVSS3.5AI score0.02507EPSS
Exploits0
Fedora
Fedora
added 2018/04/05 11:50 a.m.20 views

[SECURITY] Fedora 28 Update: libid3tag-0.15.1b-28.fc28

libid3tag is a library for reading and eventually writing ID3 tags, both ID3v1 and the various versions of ID3v2...

7.5CVSS3.5AI score0.02507EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/03/19 12:0 a.m.37 views

SUSE SLED12 Security Update : libid3tag (SUSE-SU-2018:0722-1)

This update for libid3tag fixes the following issues : - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...

7.5CVSS6AI score0.07267EPSS
Exploits2References13
OSV
OSV
added 2018/03/16 3:32 p.m.7 views

SUSE-SU-2018:0722-1 Security update for libid3tag

This update for libid3tag fixes the following issues: - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...

7.5CVSS6.3AI score0.07267EPSS
Exploits2References9
OSV
OSV
added 2018/03/16 3:31 p.m.7 views

SUSE-SU-2018:0715-1 Security update for libid3tag

This update for libid3tag fixes the following issues: - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...

7.5CVSS6.3AI score0.07267EPSS
Exploits2References9
OSV
OSV
added 2018/02/20 9:29 p.m.6 views

AZL-36950 CVE-2004-2779 affecting package libid3tag for versions less than 0.16.3-7

id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service DoS...

7.5CVSS6.7AI score0.02507EPSS
Exploits0References1
OSV
OSV
added 2018/02/20 9:29 p.m.5 views

DEBIAN-CVE-2004-2779

id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service DoS...

7.5CVSS6.9AI score0.02507EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/02/20 12:0 a.m.4 views

PT-2018-4015 · Underbit Technologies +2 · Libid3Tag +2

Name of the Vulnerable Software and Affected Versions: libid3tag versions 0.15.1b and earlier Description: The issue arises from the id3 utf16 deserialize function in utf16.c, which misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes. This triggers an endless loop that allocates...

7.5CVSS6.2AI score0.07267EPSS
Exploits2References38
OSV
OSV
added 2018/01/12 11:29 p.m.3 views

CVE-2017-13200

An information disclosure vulnerability in the Android media framework av related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526...

7.5CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2018/01/12 11:29 p.m.19 views

Information disclosure

An information disclosure vulnerability in the Android media framework av related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526...

5CVSS7.2AI score0.00437EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder