Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lame vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-9101
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
Lame Project Lame 3.98
Lame Project Lame 3.98.2
Lame Project Lame 3.98.4
Lame Project Lame 3.99
Lame Project Lame 3.99.1
Lame Project Lame 3.99.2
Lame Project Lame 3.99.3
Lame Project Lame 3.99.4
Lame Project Lame 3.99.5
4.3
CVSSv2
CVE-2017-15018
LAME 3.99.5, 3.99.4, 3.99.3, 3.99.2, 3.99.1, 3.99, 3.98.4, 3.98.2 and 3.98 have a heap-based buffer over-read when handling a malformed file in k_34_4 in vbrquantize.c.
Lame Project Lame 3.98
Lame Project Lame 3.98.2
Lame Project Lame 3.98.4
Lame Project Lame 3.99
Lame Project Lame 3.99.1
Lame Project Lame 3.99.2
Lame Project Lame 3.99.3
Lame Project Lame 3.99.4
Lame Project Lame 3.99.5
4.3
CVSSv2
CVE-2017-15046
LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpack_read_samples in frontend/get_audio.c, a different vulnerability than CVE-2017-9412.
Lame Project Lame 3.97
Lame Project Lame 3.98
Lame Project Lame 3.98.2
Lame Project Lame 3.98.4
Lame Project Lame 3.99.4
Lame Project Lame 3.99.5
6.8
CVSSv2
CVE-2017-8419
LAME up to and including 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote malicious users to cause a denial of service (stack-based buffer overflow or heap-based buffer overflow) or possibly have unspecified other impact via a ...
Lame Project Lame
4.3
CVSSv2
CVE-2015-9099
The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote malicious users to cause a denial of service (invalid read and application crash) via a crafted audio file with a negative sample rate.
Lame Project Lame 3.99.5
4.3
CVSSv2
CVE-2015-9100
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.
Lame Project Lame 3.99.5
6.8
CVSSv2
CVE-2017-9871
The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote malicious users to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted au...
Lame Project Lame 3.99.5
4.3
CVSSv2
CVE-2017-9412
The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 allows remote malicious users to cause a denial of service (invalid memory read and application crash) via a crafted wav file.
Lame Project Lame 3.99.5
1 EDB exploit
7.5
CVSSv2
CVE-2017-11720
There is a division-by-zero vulnerability in LAME 3.99.5, caused by a malformed input file.
Lame Project Lame 3.99.5
6.8
CVSSv2
CVE-2017-15019
LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file, because of an incorrect calloc call.
Lame Project Lame 3.99.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »