Vulnerability Details CVE-2017-11550
The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.2%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
Products affected by CVE-2017-11550
-
cpe:2.3:a:libid3tag_project:libid3tag:0.15.1b