RSS   Vulnerabilities for 'Taglib'   RSS

2012-09-06
 
CVE-2012-1584

CWE-189
 

 
Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted file header field in a media file, which triggers a large memory allocation.

 
 
CVE-2012-1108

CWE-20
 

 
The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted vendorLength field in an ogg file.

 
 
CVE-2012-1107

CWE-noinfo
 

 
The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted sampleRate in an ape file, which triggers a divide-by-zero error.

 


Copyright 2024, cxsecurity.com

 

Back to Top