CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-8373

HIGH
7.8
CVSS Severity Score
EPSS Score0.1600%
EPSS Percentile43.28th
Published2017年5月1日
Last Modified2026年5月13日

Vulnerability Description

The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.

Affected Platforms (CPE)

📦
Underbit

Mad Libmad

= 0.15.1b

References & Advisories

🔗 https://blogs.gentoo.org/ago/2017/04/30/libmad-heap-based-buffer-overflow-in-mad_layer_iii-layer3-c/
🔗 https://lists.debian.org/debian-lts-announce/2018/05/msg00011.html
🔗 https://www.debian.org/security/2018/dsa-4192
🔗 https://blogs.gentoo.org/ago/2017/04/30/libmad-heap-based-buffer-overflow-in-mad_layer_iii-layer3-c/
🔗 https://lists.debian.org/debian-lts-announce/2018/05/msg00011.html
🔗 https://www.debian.org/security/2018/dsa-4192

関連する脆弱性情報

CVE-2018-72639.8

The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of servic...

CVE-2017-115526.5

mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a d...

CVE-2017-83745.5

The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based...

CVE-2017-83724.7

The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a de...