Show filters
29 Total Results
Displaying 21-29 of 29
Sort by:
Attacker Value
Unknown
CVE-2017-9872
Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
0
Attacker Value
Unknown
CVE-2015-9101
Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
0
Attacker Value
Unknown
CVE-2017-9869
Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The II_step_one function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
0
Attacker Value
Unknown
CVE-2017-9870
Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type == 2" case, a similar issue to CVE-2017-11126.
0
Attacker Value
Unknown
CVE-2015-9100
Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.
0
Attacker Value
Unknown
CVE-2017-9871
Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
0
Attacker Value
Unknown
CVE-2017-8419
Disclosure Date: May 02, 2017 (last updated November 26, 2024)
LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based buffer overflow) or possibly have unspecified other impact via a crafted file, as demonstrated by mishandling of num_channels.
0
Attacker Value
Unknown
CVE-2011-5112
Disclosure Date: August 23, 2012 (last updated October 04, 2023)
SQL injection vulnerability in Alameda (com_alameda) component before 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the storeid parameter to index.php.
0
Attacker Value
Unknown
CVE-2008-5141
Disclosure Date: November 18, 2008 (last updated October 04, 2023)
flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar.##### temporary file.
0