CVE-2012-1584

2012-09-06 20:55:01 2017-08-29 03:31:19

Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted file header field in a media file, which triggers a large memory allocation.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Scott Wheeler TagLib 1.2 Scott Wheeler TagLib 1.6.2 Scott Wheeler TagLib 1.7 Scott Wheeler TagLib 1.4 Scott Wheeler TagLib 1.6.1 Scott Wheeler TagLib 1.1 Scott Wheeler TagLib 1.3.1 Scott Wheeler TagLib 1.3 Scott Wheeler TagLib 1.6.3 Scott Wheeler TagLib 1.0 Scott Wheeler TagLib 1.6 Scott Wheeler TagLib 1.5

Scott wheeler - Taglib

Advisory	Patch	Confirmed	Link
			https://github.com/taglib/taglib/commit/dcdf4fd954e3213c...
			52290
			taglib-mid-dos(78909)
			[oss-security] 20120326 Re: CVE-Request taglib vulnerabi...
			[oss-security] 20120321 Re: CVE-Request taglib vulnerabi...
			[oss-security] 20120305 Re: CVE-Request taglib vulnerabi...
			GLSA-201206-16
			[pipermail] 20120305 multiple security vulnerabilities i...
			[pipermail] 20120304 multiple security vulnerabilities i...

CVE-2012-1584

2012-09-06 20:55:01 2017-08-29 03:31:19

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)