Lucene search
K

44 matches found

OSV
OSV
added 2017/09/13 3:29 a.m.3 views

DEBIAN-CVE-2017-14410

A buffer over-read was discovered in IIIistereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

5.5CVSS5.8AI score0.00856EPSS
Exploits0References1
OSV
OSV
added 2017/09/13 3:29 a.m.4 views

DEBIAN-CVE-2017-14408

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

5.5CVSS7.2AI score0.00856EPSS
Exploits0References1
NVD
NVD
added 2017/09/13 3:29 a.m.19 views

CVE-2017-14408

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

5.5CVSS5.5AI score0.00856EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/09/13 3:0 a.m.22 views

CVE-2017-14410

A buffer over-read was discovered in IIIistereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

6.1AI score0.00856EPSS
Exploits0References1
CVE
CVE
added 2017/09/13 3:0 a.m.56 views

CVE-2017-14410

CVE-2017-14410 is a buffer over-read in III_i_stereo (layer3.c) of mpglibDBL used by MP3Gain 1.5.2, causing a crash and remote denial of service. Mageia MGASA-2018-0326 documents fixes for this and related CVEs in MP3Gain, indicating remediation via updated mp3gain packages. Other sources (RH, OS...

5.5CVSS6AI score0.00856EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/09/13 3:0 a.m.72 views

CVE-2017-14409

CVE-2017-14409 affects MP3Gain 1.5.2 and is triggered by a buffer overflow in III_dequantize_sample (mpglibDBL/layer3.c). The vulnerability allows an out-of-bounds write, leading to remote denial of service and potentially code execution. The description confirms the impact as DoS and possible co...

7.8CVSS8.1AI score0.01624EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2017/09/13 3:0 a.m.16 views

CVE-2017-14408

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

5.5CVSS5.8AI score0.00856EPSS
Exploits0
Debian CVE
Debian CVE
added 2017/09/13 3:0 a.m.19 views

CVE-2017-14410

A buffer over-read was discovered in IIIistereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

5.5CVSS5.8AI score0.00856EPSS
Exploits0
Prion
Prion
added 2017/09/07 2:29 p.m.13 views

Design/Logic Flaw

The "mpglibDBL/layer3.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a read access violation when opening a crafted MP3 file...

4.3CVSS5.2AI score0.00691EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/09/07 2:0 p.m.49 views

CVE-2017-12912

The CVE-2017-12912 entry concerns MP3Gain 1.5.2.r2, specifically the mpglibDBL/layer3.c file. The vulnerability manifests as a read access violation when opening a crafted MP3 file. The connected documents corroborate this description but do not provide details on affected subcomponents beyond th...

5.5CVSS5.2AI score0.00691EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/09/07 2:0 p.m.15 views

CVE-2017-12912

The "mpglibDBL/layer3.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a read access violation when opening a crafted MP3 file...

5.2AI score0.00691EPSS
Exploits0References1
OSV
OSV
added 2017/07/10 3:29 a.m.16 views

CVE-2017-11126

The IIIistereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file that is mishandled in the code for the "blocktype != 2" case, a similar issue to CVE-2017-9870...

5.5CVSS7AI score
Exploits0References2
CVE
CVE
added 2017/07/10 3:0 a.m.87 views

CVE-2017-11126

CVE-2017-11126 affects mpg123 (libmpg123) through version 1.25.1. The III_i_stereo function in libmpg123/layer3.c mishandles the block_type != 2 code path, enabling a crafted audio file to trigger a buffer over-read and an application crash (denial of service). The available connected documents c...

5.5CVSS6.2AI score0.01389EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/07/10 12:0 a.m.2 views

mpg123 'III_i_stereo' denial of service vulnerability

mpg123 is a MPEG audio player and decoding library for Linux and Unix operating systems developed by software developer Michael Hipp. A security vulnerability exists in the 'IIIistereo' function in the libmpg123/layer3.c file in mpg123 versions prior to 1.25.1. A remote attacker can exploit this...

5.5CVSS6.7AI score0.01389EPSS
Exploits0References1
Prion
Prion
added 2017/06/25 7:29 p.m.12 views

Stack overflow

The IIIistereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

6.8CVSS8.3AI score0.01505EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/06/25 7:29 p.m.24 views

CVE-2017-9870

The IIIistereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file that is mishandled in the code for the "blocktype == 2" case, a similar...

5.5CVSS5.8AI score0.0121EPSS
Exploits0References2
OSV
OSV
added 2017/06/25 7:29 p.m.1 views

DEBIAN-CVE-2017-9872

The IIIdequantizesample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

7.8CVSS7.8AI score0.0979EPSS
Exploits0References1
CVE
CVE
added 2017/06/25 7:0 p.m.80 views

CVE-2017-9870

CVE-2017-9870 concerns the III_i_stereo function in layer3.c of mpglib (used by mpglib’s libmpgdecoder.a in LAME 3.99.5 and similar products). The vulnerability enables a remote attacker to trigger a buffer over-read, causing an application crash via a crafted MP3 file, specifically related to th...

5.5CVSS5.7AI score0.0121EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/06/25 7:0 p.m.47 views

CVE-2017-9871

The CVE-2017-9871 issue affects the mpglib decoder (III_i_stereo in layer3.c) used by LAME 3.99.5 and related products. The vulnerability is a stack-based buffer overflow in the MP3 decoding path that can be triggered by a crafted audio file, potentially causing an application crash or denial of ...

7.8CVSS6.7AI score0.01505EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/06/25 7:0 p.m.65 views

CVE-2017-9872

CVE-2017-9872 affects mpglib’s III_dequantize_sample in Layer3.c (used by LAME 3.99.5 and related products). Exploitation via a crafted audio file can cause a stack-based buffer overflow and application crash (denial of service). OpenSUSE security update openSUSE-2018-214 notes a fix in LAME 3.10...

7.8CVSS6.9AI score0.0979EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder