Show filters
29 Total Results
Displaying 21-29 of 29
Sort by:
Attacker Value
Unknown

CVE-2017-9872

Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
0
Attacker Value
Unknown

CVE-2015-9101

Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
Attacker Value
Unknown

CVE-2017-9869

Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The II_step_one function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
0
Attacker Value
Unknown

CVE-2017-9870

Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type == 2" case, a similar issue to CVE-2017-11126.
0
Attacker Value
Unknown

CVE-2015-9100

Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.
0
Attacker Value
Unknown

CVE-2017-9871

Disclosure Date: June 25, 2017 (last updated November 26, 2024)
The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
0
Attacker Value
Unknown

CVE-2017-8419

Disclosure Date: May 02, 2017 (last updated November 26, 2024)
LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based buffer overflow) or possibly have unspecified other impact via a crafted file, as demonstrated by mishandling of num_channels.
0
Attacker Value
Unknown

CVE-2011-5112

Disclosure Date: August 23, 2012 (last updated October 04, 2023)
SQL injection vulnerability in Alameda (com_alameda) component before 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the storeid parameter to index.php.
0
Attacker Value
Unknown

CVE-2008-5141

Disclosure Date: November 18, 2008 (last updated October 04, 2023)
flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar.##### temporary file.
0