CVE-2017-9871 log
| Source |
|
| Severity | High |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME before 3.100 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly execute arbitrary code via a crafted audio file. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-330 | lame | 3.99.5-3 | 3.100-1 | High | Fixed | FS#54859 |
| References |
|---|
https://blogs.gentoo.org/ago/2017/06/17/lame-stack-based-buffer-overflow-in-iii_i_stereo-layer3-c/ |