The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.
The product dereferences a pointer that it expects to be valid but is NULL.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libid3tag | Libid3tag_project | 0.15.1b (including) | 0.15.1b (including) |
Libid3tag | Ubuntu | upstream | * |