Filtered by vendor Mpg123
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-10683 | 1 Mpg123 | 1 Mpg123 | 2020-03-03 | 5.0 MEDIUM | 7.5 HIGH |
| In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2017-12839 | 1 Mpg123 | 1 Mpg123 | 2019-05-10 | 6.8 MEDIUM | 8.3 HIGH |
| A heap-based buffer over-read in the getbits function in src/libmpg123/getbits.h in mpg123 through 1.25.5 allows remote attackers to cause a possible denial-of-service (out-of-bounds read) or possibly have unspecified other impact via a crafted mp3 file. | |||||
| CVE-2014-9497 | 1 Mpg123 | 1 Mpg123 | 2017-09-03 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in mpg123 before 1.18.0. | |||||