ID:

CVE-2017-14408 (NVD)

- Vulnerability Info (edit)
2017-09-13

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.

Products Mp3gain
Type Out-of-bounds Read (CWE-125)
First patch - None (likely due to unavailable code)
Links https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-dct36-mpglibdbllayer3-c/
Annotation

Note:

No patch was assigned yet.