CVE-2017-9872 log

Severity High
Remote Yes
Type Arbitrary code execution
The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME before 3.100 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly execute arbitrary code via a crafted audio file.
Group Package Affected Fixed Severity Status Ticket
AVG-330 lame 3.99.5-3 3.100-1 High Fixed FS#54859