AVG-330 log

Package:  lame
Status:   Fixed
Severity: High
Type:     multiple issues
Affected: 3.99.5-3
Fixed:    3.100-1
Current:  3.100-4 [extra]
Ticket:   FS#54859
Created:  Wed Jun 28 12:17:51 2017
Issue            Severity  Remote  Type

CVE-2017-15046   High      Yes     Arbitrary code execution
    LAME before 3.100 has a stack-based buffer overflow in unpack_read_samples in frontend/get_audio.c leading to denial of service or possibly arbitrary code execution.

CVE-2017-15045   Medium    Yes     Denial of service
    LAME before 3.100 has a heap-based buffer over-read in fill_buffer in libmp3lame/util.c, related to lame_encode_buffer_sample_t in libmp3lame/lame.c.

CVE-2017-15019   Medium    Yes     Denial of service
    LAME before 3.100 has a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file, because of...

CVE-2017-13712   Medium    Yes     Denial of service
    NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME before 3.100 allows attackers to perform denial of service by...

CVE-2017-11720   Medium    Yes     Denial of service
    There is a division-by-zero vulnerability in LAME before 3.100, caused by a malformed input file.

CVE-2017-9872    High      Yes     Arbitrary code execution
    The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME before 3.100 and other products, allows remote attackers to...

CVE-2017-9871    High      Yes     Arbitrary code execution
    The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME before 3.100 and other products, allows remote attackers to cause a...

CVE-2017-9870    Medium    Yes     Denial of service
    The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME before 3.100 and other products, allows remote attackers to cause a...

CVE-2017-9869    Medium    Yes     Denial of service
    The II_step_one function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME before 3.100 and other products, allows remote attackers to cause a...

CVE-2017-9412    Medium    Yes     Denial of service
    The unpack_read_samples function in frontend/get_audio.c in LAME before 3.100-1 allows remote attackers to cause a denial of service (invalid memory read...

CVE-2017-9411    Medium    Yes     Denial of service
    The fill_buffer_resample function in libmp3lame/util.c in LAME before 3.100 allows remote attackers to cause a denial of service (invalid memory read and...

CVE-2017-9410    Medium    Yes     Denial of service
    The fill_buffer_resample function in libmp3lame/util.c in LAME before 3.100 allows remote attackers to cause a denial of service (heap-based buffer...

CVE-2017-8419    High      Yes     Arbitrary code execution
    LAME before 3.100 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service...

CVE-2015-9101    Medium    Yes     Denial of service
    The fill_buffer_resample function in util.c in libmp3lame.a in LAME before 3.100 allows remote attackers to cause a denial of service (heap-based buffer...

CVE-2015-9100    Medium    Yes     Denial of service
    The fill_buffer_resample function in util.c in libmp3lame.a in LAME before 3.100 allows remote attackers to cause a denial of service (NULL pointer...

CVE-2015-9099    Medium    Yes     Denial of service
    The lame_init_params function in lame.c in libmp3lame.a in LAME before 3.100 allows remote attackers to cause a denial of service (invalid read and...
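Two entries above describe a bug class in input-header parsing rather than a single code site: CVE-2017-8419 (WAV/AIFF header values held in a signed integer type) and CVE-2017-11720 (division by zero on a malformed input file). The C program below is an added illustration of that class written for this page; it is not LAME's code, and the 44-byte PCM WAV layout, the function names and the constructed headers are assumptions for the demo. It reads the same header the unchecked way (signed int, no divisor check, no bound on the declared data size) and the hardened way (unsigned fields, every divisor validated, declared size bounded by the bytes actually present).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Fields recovered from a canonical 44-byte PCM WAV header (assumed layout). */
typedef struct {
    uint16_t channels;
    uint32_t sample_rate;
    uint16_t bits_per_sample;
    uint32_t data_bytes;
    uint32_t frames;            /* data_bytes / bytes per frame */
} wav_info;

/* Little-endian field readers and writers. */
static uint16_t rd16(const unsigned char *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void wr16(unsigned char *p, uint16_t v) { p[0] = v & 0xff; p[1] = v >> 8; }
static void wr32(unsigned char *p, uint32_t v)
{
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = v >> 24;
}

/* Build a constructed 44-byte header: sample input for the demo, not a real file. */
void make_header(unsigned char hdr[44], uint16_t ch, uint32_t sr, uint16_t bps, uint32_t data_bytes)
{
    memset(hdr, 0, 44);
    memcpy(hdr, "RIFF", 4);       wr32(hdr + 4, 36 + data_bytes);
    memcpy(hdr + 8, "WAVE", 4);
    memcpy(hdr + 12, "fmt ", 4);  wr32(hdr + 16, 16);
    wr16(hdr + 20, 1);                                 /* PCM */
    wr16(hdr + 22, ch);           wr32(hdr + 24, sr);
    wr32(hdr + 28, sr * ch * (bps / 8));               /* byte rate */
    wr16(hdr + 32, (uint16_t)(ch * (bps / 8)));        /* block align */
    wr16(hdr + 34, bps);
    memcpy(hdr + 36, "data", 4);  wr32(hdr + 40, data_bytes);
}

/* Unchecked pattern: header values in signed int, arithmetic with no range
 * checks. A data size with the top bit set turns negative; a zero channel
 * count makes the division trap (SIGFPE). Returns the (wrong) frame count. */
long frames_unchecked(const unsigned char hdr[44])
{
    int channels = rd16(hdr + 22);
    int bits     = rd16(hdr + 34);
    int data_len = (int)rd32(hdr + 40);     /* 0xFFFFFFF0 reads as -16 on two's complement */
    int frame    = channels * (bits / 8);   /* 0 when channels == 0 */
    return data_len / frame;
}

/* Hardened parser: unsigned fields, divisors validated before use, declared
 * data size bounded by the buffer. Returns 0 on success, -1 on any defect. */
int parse_wav_header(const unsigned char *buf, size_t len, wav_info *out)
{
    if (len < 44) return -1;
    if (memcmp(buf, "RIFF", 4) || memcmp(buf + 8, "WAVE", 4) ||
        memcmp(buf + 12, "fmt ", 4) || memcmp(buf + 36, "data", 4)) return -1;
    if (rd16(buf + 20) != 1) return -1;                /* PCM only */
    uint16_t ch = rd16(buf + 22), bps = rd16(buf + 34);
    uint32_t sr = rd32(buf + 24), data = rd32(buf + 40);
    if (ch == 0 || sr == 0) return -1;                 /* both are divisors later */
    if (bps != 8 && bps != 16 && bps != 24 && bps != 32) return -1;
    uint32_t frame_bytes = (uint32_t)ch * (bps / 8);   /* non-zero by the checks above */
    if (data > len - 44) return -1;                    /* declared size exceeds the file */
    if (data % frame_bytes != 0) return -1;            /* truncated final frame */
    out->channels = ch; out->sample_rate = sr; out->bits_per_sample = bps;
    out->data_bytes = data; out->frames = data / frame_bytes;
    return 0;
}

/* Demo cases on constructed headers. */
long demo_unchecked_negative_frames(void)
{
    unsigned char hdr[44];
    make_header(hdr, 2, 44100, 16, 0xFFFFFFF0u);       /* hostile data size */
    return frames_unchecked(hdr);                      /* -16 / 4 == -4 */
}
int demo_hardened_rejects_oversize(void)
{
    unsigned char hdr[44]; wav_info info;
    make_header(hdr, 2, 44100, 16, 0xFFFFFFF0u);
    return parse_wav_header(hdr, sizeof hdr, &info);   /* -1 */
}
int demo_hardened_rejects_zero_channels(void)
{
    unsigned char hdr[44]; wav_info info;
    make_header(hdr, 0, 44100, 16, 16);                /* frames_unchecked would trap here */
    return parse_wav_header(hdr, sizeof hdr, &info);   /* -1 */
}
uint32_t demo_valid_frames(void)
{
    unsigned char file[44 + 16] = {0};                 /* header + 4 stereo 16-bit frames */
    wav_info info;
    make_header(file, 2, 44100, 16, 16);
    if (parse_wav_header(file, sizeof file, &info) != 0) return 0;
    return info.frames;                                /* 4 */
}

int main(void)
{
    printf("unchecked frames on hostile header: %ld\n", demo_unchecked_negative_frames());
    printf("hardened parser on hostile header: %d\n", demo_hardened_rejects_oversize());
    printf("hardened parser on zero-channel header: %d\n", demo_hardened_rejects_zero_channels());
    printf("hardened parser on valid 4-frame file: %u frames\n", demo_valid_frames());
    return 0;
}
```

Build with `cc -std=c99 -Wall wavcheck.c` and run it. The zero-channel header is deliberately fed only to the hardened parser: passing it to frames_unchecked divides by zero and kills the process, which is exactly the malformed-input crash class the page's denial-of-service entries describe. The bound check `data > len - 44` is safe only because `len < 44` was rejected first; keep that ordering if you adapt the code.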