CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-11552

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.0160%
EPSS Percentile35.10th
Published2017年8月1日
Last Modified2026年5月13日

Vulnerability Description

mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.

Affected Platforms (CPE)

📦
Underbit

Mad Libmad

= 0.15.1b

References & Advisories

🔗 http://seclists.org/fulldisclosure/2017/Jul/94
🔗 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870406
🔗 https://www.exploit-db.com/exploits/42409/
🔗 http://seclists.org/fulldisclosure/2017/Jul/94
🔗 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870406
🔗 https://www.exploit-db.com/exploits/42409/

相关漏洞威胁

CVE-2018-72639.8

The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of servic...

CVE-2017-83737.8

The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-b...

CVE-2017-83745.5

The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based...

CVE-2017-83724.7

The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a de...