CVE-2017-13712

Опубликовано: 28 авг. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument.

Ссылки

http://www.securityfocus.com/bid/100525
Third Party Advisory
VDB Entry
https://sourceforge.net/p/lame/bugs/472/
Third Party Advisory
http://www.securityfocus.com/bid/100525
Third Party Advisory
VDB Entry
https://sourceforge.net/p/lame/bugs/472/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lame_project:lame:3.99.5:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00434

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

CVE-2017-13712

CVSS3: 7.5

ubuntu

больше 8 лет назад

NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument.

CVE-2017-13712

CVSS3: 3.3

redhat

около 11 лет назад

NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument.

CVE-2017-13712

CVSS3: 7.5

debian

больше 8 лет назад

NULL Pointer Dereference in the id3v2AddAudioDuration function in libm ...

GHSA-p3fq-hhf9-6f56

CVSS3: 7.5

github

больше 3 лет назад

NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument.

EPSS

Процентиль: 62%

0.00434

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476