CVE-2017-9412 - log back

CVE-2017-9412 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ The unpack_read_samples function in frontend/get_audio.c in LAME before 3.100-1 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file.
References
+ https://sourceforge.net/p/lame/bugs/463
+ http://seclists.org/fulldisclosure/2017/Jul/63
+ https://www.exploit-db.com/exploits/42390/
Notes