2 matches found
CVE-2017-15185
CVE-2017-15185 affects Libmp3splt 0.9.2: in plugins/ogg.c, the code calls libvorbis vorbis_block_clear using uninitialized data after detecting invalid input, enabling a crafted file to trigger a denial of service (application crash). This vulnerability is documented across multiple sources (NVD ...
CVE-2017-5665
The vulnerability affects libmp3splt 0.9.2, where the splt_cue_export_to_file function in cue.c can be triggered by a crafted file to cause a denial of service via a NULL pointer dereference crash. Connected documents confirm the same issue across various feeds; no remediation details or patched ...