CVE-2017-15185

plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbisblockclear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service application crash via a crafted file...