CVE-2004-2779 in libid3taginfo

Zusammenfassung

von MITRE

id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS).

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

20.02.2018

Veröffentlichung

20.02.2018

Moderieren

akzeptiert

Eintrag

VDB-113613

CPE

bereit

CWE

CWE-399 (bestätigt)

CVSS

7.5 (NVD)

EPSS

0.00325

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-2779
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-2779
CVE Details	https://www.cvedetails.com/cve/CVE-2004-2779/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!