2017-07-27 08:29:00 2019-10-03 02:03:26

The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
Advisory Patch Confirmed Link
http://seclists.org/fulldisclosure/2017/Jul/65