« List of all CVEs

CVE-2017-10683

Published: 6/29/2017 Last updated: 9/16/2024 Reserved: 6/29/2017

In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-libmpg123

Products affected (1)

Product Vendor Version
n/a n/a <= 27.9.5

References (2)