Published: 01/08/2017 Updated: 09/01/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote malicious users to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
underbit mad libmad 0.15.1b

Debian Bug report logs - #870406 CVE-2017-11552 Package: mpg321; Maintainer for mpg321 is Nanakos Chrysostomos <nanakos@wired-netgr>; Source for mpg321 is src:mpg321 (PTS, buildd, popcon) Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 1 Aug 2017 17:27:01 UTC Severity: grave Tags: security, upstre ...

libmad memory corruption vulnerability ================ Author : qflbwu =============== Introduction: ============= libmad is a high-quality MPEG audio decoder capable of 24-bit output Affected version: ===== 0151b Vulnerability Description: ========================== the mad_decoder_run function in decoderc in libmad 0151b can cause a ...

CWE-119 http://seclists.org/fulldisclosure/2017/Jul/94 https://www.exploit-db.com/exploits/42409/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870406 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870406 https://nvd.nist.gov https://www.exploit-db.com/exploits/42409/

CVE-2017-11552

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect