Lucene search

Ubuntu.comUB:CVE-2023-49356

HistoryDec 22, 2023 - 12:00 a.m.

CVE-2023-49356

2023-12-2200:00:00

ubuntu.com

stack buffer overflow

mp3gain v1.6.2

denial of service

writemp3gainapetag function

apetag.c

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker
to cause a denial of service via the WriteMP3GainAPETag function at
apetag.c:592.

References

github.com/linzc21/bug-reports/blob/main/reports/mp3gain/1.6.2/stack-buffer-overflow/CVE-2023-49356.md

launchpad.net/bugs/cve/CVE-2023-49356

nvd.nist.gov/vuln/detail/CVE-2023-49356

security-tracker.debian.org/tracker/CVE-2023-49356

www.cve.org/CVERecord?id=CVE-2023-49356

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

Related for UB:CVE-2023-49356