Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-11552

Опубликовано: 01 авг. 2017
Источник: debian
EPSS Низкий

Описание

mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mpg321fixed0.3.2-2package
mpg321no-dsastretchpackage
mpg321no-dsajessiepackage
mpg321no-dsawheezypackage

Примечания

  • CVE was originally assigned for libmad, but further analysis has shown

  • that the underlying issue is in src:mpg321

  • Cf. https://bugs.debian.org/870406#25 for more Details.

  • http://seclists.org/fulldisclosure/2017/Jul/94

EPSS

Процентиль: 91%
0.07099
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2017-11552

CVSS3: 6.5
ubuntu
больше 8 лет назад

mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.

nvd логотип

CVE-2017-11552

CVSS3: 6.5
nvd
больше 8 лет назад

mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.

github логотип

GHSA-m9v2-ffx5-rxfq

CVSS3: 6.5
github
больше 3 лет назад

mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.

EPSS

Процентиль: 91%
0.07099
Низкий