CVE-2019-18359

Опубликовано: 23 окт. 2019

Источник: debian

Описание

A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mp3gain	fixed	1.6.2-2		package

Примечания

SuSE fix: https://build.opensuse.org/package/view_file/openSUSE:Maintenance:12304/mp3gain.openSUSE_Leap_15.1_Update/0001-fix-security-bugs.patch?rev=0db47562b2545871d0be3fc88083e0cd
Caught by ASAN according to CVE. mp3gain is compiled with ASAN on: amd64 i386 armel armhf powerpc

Связанные уязвимости

CVE-2019-18359

CVSS3: 5.5

ubuntu

больше 6 лет назад

A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service.

CVE-2019-18359

CVSS3: 5.5

nvd

больше 6 лет назад

A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service.

GHSA-74ch-gqq9-g83c

CVSS3: 5.5

github

больше 3 лет назад

A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service.

openSUSE-SU-2020:0522-1

suse-cvrf

почти 6 лет назад

Security update for mp3gain