Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow.
References
Link | Resource |
---|---|
https://sourceforge.net/p/mpg123/bugs/254/ | Third Party Advisory |
https://sourceforge.net/p/mpg123/mailman/message/35987663/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-08-29T15:00:00
Updated: 2017-08-29T14:57:02
Reserved: 2017-08-10T00:00:00
Link: CVE-2017-12797
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-08-29T15:29:00.800
Modified: 2017-09-06T19:24:50.577
Link: CVE-2017-12797
JSON object: View
Redhat Information
No data.
CWE