Skip to main content

Libmp3Splt

2 CVEs product

Monthly

CVE-2017-15185 MEDIUM POC This Month

plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libmp3Splt
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
0.2%
CVE-2017-5665 MEDIUM POC This Month

The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libmp3Splt
NVD
CVSS 3.0
5.5
EPSS
0.2%
EPSS 0% CVSS 5.0
MEDIUM POC This Month

plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libmp3Splt
NVD Exploit-DB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libmp3Splt
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy