Computer Security
[EN] securityvulns.ru no-pyccku


libid3tag library endless loop
Published:14.05.2008
Source:
SecurityVulns ID:8998
Type:library
Threat Level:
5/10
Description:Endless loop on MP3 files parsing.
Affected:LIBID3TAG : libid3tag 0.15
CVE:CVE-2008-2109 (field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an infinite loop.)
Original documentdocumentGENTOO, [ GLSA 200805-15 ] libid3tag: Denial of Service (14.05.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod