Denial Of Service

libmad.so is vulnerable to Denial Of Service. The vulnerability is due to the madlayerIII function in layer3.c when processing a crafted audio file, resulting in a heap-based buffer overflow and possible application crash...

SUSE CVE-2017-9871

The IIIistereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

CVE-2021-34085

Read access violation in the IIIdequantizesample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872. CVE-2017-14409, and...

DEBIAN-CVE-2018-10778

Read access violation in the IIIdequantizesample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872 and CVE-2017-14409...

CVE-2017-14408

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

DEBIAN-CVE-2017-14410

A buffer over-read was discovered in IIIistereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

CVE-2017-14410

A buffer over-read was discovered in IIIistereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

CVE-2017-14409

CVE-2017-14409 affects MP3Gain 1.5.2 and is triggered by a buffer overflow in III_dequantize_sample (mpglibDBL/layer3.c). The vulnerability allows an out-of-bounds write, leading to remote denial of service and potentially code execution. The description confirms the impact as DoS and possible co...

CVE-2017-14408

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

CVE-2017-14410

CVE-2017-14410 is a buffer over-read in III_i_stereo (layer3.c) of mpglibDBL used by MP3Gain 1.5.2, causing a crash and remote denial of service. Mageia MGASA-2018-0326 documents fixes for this and related CVEs in MP3Gain, indicating remediation via updated mp3gain packages. Other sources (RH, OS...

CVE-2017-14410

A buffer over-read was discovered in IIIistereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

Design/Logic Flaw

The "mpglibDBL/layer3.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a read access violation when opening a crafted MP3 file...

CVE-2017-12912

The CVE-2017-12912 entry concerns MP3Gain 1.5.2.r2, specifically the mpglibDBL/layer3.c file. The vulnerability manifests as a read access violation when opening a crafted MP3 file. The connected documents corroborate this description but do not provide details on affected subcomponents beyond th...

CVE-2017-12912

The "mpglibDBL/layer3.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a read access violation when opening a crafted MP3 file...

CVE-2017-11126

The IIIistereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file that is mishandled in the code for the "blocktype != 2" case, a similar issue to CVE-2017-9870...

CVE-2017-11126

CVE-2017-11126 affects mpg123 (libmpg123) through version 1.25.1. The III_i_stereo function in libmpg123/layer3.c mishandles the block_type != 2 code path, enabling a crafted audio file to trigger a buffer over-read and an application crash (denial of service). The available connected documents c...

mpg123 'III_i_stereo' denial of service vulnerability

mpg123 is a MPEG audio player and decoding library for Linux and Unix operating systems developed by software developer Michael Hipp. A security vulnerability exists in the 'IIIistereo' function in the libmpg123/layer3.c file in mpg123 versions prior to 1.25.1. A remote attacker can exploit this...

CVE-2017-9870

The IIIistereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file that is mishandled in the code for the "blocktype == 2" case, a similar...

Stack overflow

The IIIistereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

CVE-2017-9870

CVE-2017-9870 concerns the III_i_stereo function in layer3.c of mpglib (used by mpglib’s libmpgdecoder.a in LAME 3.99.5 and similar products). The vulnerability enables a remote attacker to trigger a buffer over-read, causing an application crash via a crafted MP3 file, specifically related to th...