UBUNTU-CVE-2017-15046

LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpackreadsamples in frontend/getaudio.c, a different vulnerability than CVE-2017-9412...

PT-2017-13820 · Lame +2 · Lame +2

Name of the Vulnerable Software and Affected Versions: LAME versions 3.98 through 3.99.5 Description: The issue is a heap-based buffer over-read that occurs when handling a malformed file in the k 34 4 function within the vbrquantize.c file. Recommendations: For LAME versions 3.98 through 3.99.5,...