CVE Vulnerabilities

CVE-2012-1584

Published: Sep 06, 2012 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
4.3 MODERATE
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu
LOW

Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted file header field in a media file, which triggers a large memory allocation.

Affected Software

Name Vendor Start Version End Version
Taglib Scott_wheeler * 1.7 (including)
Taglib Scott_wheeler 1.0 (including) 1.0 (including)
Taglib Scott_wheeler 1.1 (including) 1.1 (including)
Taglib Scott_wheeler 1.2 (including) 1.2 (including)
Taglib Scott_wheeler 1.3 (including) 1.3 (including)
Taglib Scott_wheeler 1.3.1 (including) 1.3.1 (including)
Taglib Scott_wheeler 1.4 (including) 1.4 (including)
Taglib Scott_wheeler 1.5 (including) 1.5 (including)
Taglib Scott_wheeler 1.6 (including) 1.6 (including)
Taglib Scott_wheeler 1.6.1 (including) 1.6.1 (including)
Taglib Scott_wheeler 1.6.2 (including) 1.6.2 (including)
Taglib Scott_wheeler 1.6.3 (including) 1.6.3 (including)
Taglib Ubuntu hardy *
Taglib Ubuntu lucid *
Taglib Ubuntu maverick *
Taglib Ubuntu natty *
Taglib Ubuntu oneiric *
Taglib Ubuntu precise *
Taglib Ubuntu quantal *
Taglib Ubuntu raring *
Taglib Ubuntu saucy *
Taglib Ubuntu upstream *

References