CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-8374

The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.4%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

https://blogs.gentoo.org/ago/2017/04/30/libmad-heap-based-buffer-overflow-in-mad_bit_skip-bit-c/
https://lists.debian.org/debian-lts-announce/2018/05/msg00011.html
https://www.debian.org/security/2018/dsa-4192
https://blogs.gentoo.org/ago/2017/04/30/libmad-heap-based-buffer-overflow-in-mad_bit_skip-bit-c/
https://lists.debian.org/debian-lts-announce/2018/05/msg00011.html
https://www.debian.org/security/2018/dsa-4192

Products affected by CVE-2017-8374

Underbit » Mad Libmad » Version: 0.15.1b

cpe:2.3:a:underbit:mad_libmad:0.15.1b

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8374

Products

Pricing

Contact Us