LAME 3.99.5, 3.99.4, 3.99.3, 3.99.2, 3.99.1, 3.99, 3.98.4, 3.98.2 and 3.98 have a heap-based buffer over-read when handling a malformed file in k_34_4 in vbrquantize.c.
References
Link | Resource |
---|---|
https://sourceforge.net/p/lame/bugs/480/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
04 Feb 2021, 14:02
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:lame_project:lame:3.99:*:*:*:*:*:*:* cpe:2.3:a:lame_project:lame:3.99.3:*:*:*:*:*:*:* cpe:2.3:a:lame_project:lame:3.99.1:*:*:*:*:*:*:* cpe:2.3:a:lame_project:lame:3.98:*:*:*:*:*:*:* cpe:2.3:a:lame_project:lame:3.98.4:*:*:*:*:*:*:* cpe:2.3:a:lame_project:lame:3.98.2:*:*:*:*:*:*:* cpe:2.3:a:lame_project:lame:3.99.4:*:*:*:*:*:*:* cpe:2.3:a:lame_project:lame:3.99.2:*:*:*:*:*:*:* |
29 Jan 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | LAME 3.99.5, 3.99.4, 3.99.3, 3.99.2, 3.99.1, 3.99, 3.98.4, 3.98.2 and 3.98 have a heap-based buffer over-read when handling a malformed file in k_34_4 in vbrquantize.c. |
Information
Published : 2017-10-05 01:29
Updated : 2023-12-10 12:15
NVD link : CVE-2017-15018
Mitre link : CVE-2017-15018
CVE.ORG link : CVE-2017-15018
JSON object : View
Products Affected
lame_project
- lame
CWE
CWE-125
Out-of-bounds Read