ID CVE-2017-8372
Summary The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted audio file.
References
Vulnerable Configurations
  • cpe:2.3:a:underbit:mad_libmad:0.15.1b:*:*:*:*:*:*:*
    cpe:2.3:a:underbit:mad_libmad:0.15.1b:*:*:*:*:*:*:*
CVSS
Base: 2.6 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE CWE-617
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:N/I:N/A:P
refmap via4
debian DSA-4192
misc https://blogs.gentoo.org/ago/2017/04/30/libmad-assertion-failure-in-layer3-c/
mlist [debian-lts-announce] 20180518 [SECURITY] [DLA 1380-1] libmad security update
Last major update 03-10-2019 - 00:03
Published 01-05-2017 - 01:59
Last modified 03-10-2019 - 00:03
Back to Top