The lame_init_params function in lame.c in libmp3lame.a in LAME before 3.100 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file with a negative sample rate.
The lame_init_params function in lame.c in libmp3lame.a in LAME before 3.100 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file with a negative sample rate.
http://www.openwall.com/lists/oss-security/2015/02/12/8