In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file.
References
Link | Resource |
---|---|
https://github.com/taglib/taglib/commit/cb9f07d9dcd791b63e622da43f7b232adaec0a9a | Patch Vendor Advisory |
https://github.com/taglib/taglib/issues/829 | Issue Tracking Patch Vendor Advisory |
https://github.com/taglib/taglib/pull/831 | Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2021/09/msg00020.html | Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-08-08T01:00:00
Updated: 2021-09-30T22:06:15
Reserved: 2017-08-07T00:00:00
Link: CVE-2017-12678
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-08-08T01:34:00.080
Modified: 2021-10-18T12:11:54.023
Link: CVE-2017-12678
JSON object: View
Redhat Information
No data.
CWE