CVE-2017-11550

Опубликовано: 31 июл. 2017

Источник: debian

EPSS Низкий

Описание

The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libid3tag	fixed	0.15.1b-9		package

Примечания

http://seclists.org/fulldisclosure/2017/Jul/85
Addressed by the 11_unknown_encoding.dpatch patch

EPSS

Процентиль: 46%

0.00236

Низкий

Связанные уязвимости

CVE-2017-11550

CVSS3: 5.5

ubuntu

почти 8 лет назад

The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.

CVE-2017-11550

CVSS3: 3.3

redhat

почти 8 лет назад

The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.

CVE-2017-11550

CVSS3: 5.5

nvd

почти 8 лет назад

The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.

CVE-2017-11550

CVSS3: 5.5

msrc

4 месяца назад

Описание отсутствует

GHSA-qm72-g7qg-9h32

CVSS3: 5.5

github

около 3 лет назад

The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.

EPSS

Процентиль: 46%

0.00236

Низкий