Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2017-9410 - log back

CVE-2017-9410 created at 25 Sep 2019 19:31:40

Severity

+

Medium

Remote

+

Remote

Type

+	Denial of service

Description

+	The fill_buffer_resample function in libmp3lame/util.c in LAME before 3.100 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted wav file.

References

+	https://sourceforge.net/p/lame/bugs/461/
+	http://seclists.org/fulldisclosure/2017/Jul/63
+	https://www.exploit-db.com/exploits/42390/

Notes

+	Duplicate of CVE-2015-9101