Note:
This project will be discontinued after December 13, 2021. [more]
2019-10-23
A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service.
| Products | Mp3gain |
| Type | Out-of-bounds Read (CWE-125) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://sourceforge.net/p/mp3gain/bugs/46/
• http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00025.html • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00030.html |