Vulnerability Details CVE-2017-8419
LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based buffer overflow) or possibly have unspecified other impact via a crafted file, as demonstrated by mishandling of num_channels.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.2%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
Products affected by CVE-2017-8419
-
cpe:2.3:a:lame_project:lame:3.0
-
cpe:2.3:a:lame_project:lame:3.01
-
cpe:2.3:a:lame_project:lame:3.02
-
cpe:2.3:a:lame_project:lame:3.03
-
cpe:2.3:a:lame_project:lame:3.04
-
cpe:2.3:a:lame_project:lame:3.10
-
cpe:2.3:a:lame_project:lame:3.11
-
cpe:2.3:a:lame_project:lame:3.12
-
cpe:2.3:a:lame_project:lame:3.13
-
cpe:2.3:a:lame_project:lame:3.15
-
cpe:2.3:a:lame_project:lame:3.16
-
cpe:2.3:a:lame_project:lame:3.17
-
cpe:2.3:a:lame_project:lame:3.18
-
cpe:2.3:a:lame_project:lame:3.19
-
cpe:2.3:a:lame_project:lame:3.20
-
cpe:2.3:a:lame_project:lame:3.21
-
cpe:2.3:a:lame_project:lame:3.22
-
cpe:2.3:a:lame_project:lame:3.23
-
cpe:2.3:a:lame_project:lame:3.24
-
cpe:2.3:a:lame_project:lame:3.25
-
cpe:2.3:a:lame_project:lame:3.26
-
cpe:2.3:a:lame_project:lame:3.27
-
cpe:2.3:a:lame_project:lame:3.28
-
cpe:2.3:a:lame_project:lame:3.29
-
cpe:2.3:a:lame_project:lame:3.30
-
cpe:2.3:a:lame_project:lame:3.31
-
cpe:2.3:a:lame_project:lame:3.32
-
cpe:2.3:a:lame_project:lame:3.33
-
cpe:2.3:a:lame_project:lame:3.34
-
cpe:2.3:a:lame_project:lame:3.35
-
cpe:2.3:a:lame_project:lame:3.36
-
cpe:2.3:a:lame_project:lame:3.37
-
cpe:2.3:a:lame_project:lame:3.50
-
cpe:2.3:a:lame_project:lame:3.51
-
cpe:2.3:a:lame_project:lame:3.52
-
cpe:2.3:a:lame_project:lame:3.53
-
cpe:2.3:a:lame_project:lame:3.54
-
cpe:2.3:a:lame_project:lame:3.55
-
cpe:2.3:a:lame_project:lame:3.56
-
cpe:2.3:a:lame_project:lame:3.57
-
cpe:2.3:a:lame_project:lame:3.58
-
cpe:2.3:a:lame_project:lame:3.59
-
cpe:2.3:a:lame_project:lame:3.60
-
cpe:2.3:a:lame_project:lame:3.61
-
cpe:2.3:a:lame_project:lame:3.62
-
cpe:2.3:a:lame_project:lame:3.63
-
cpe:2.3:a:lame_project:lame:3.64
-
cpe:2.3:a:lame_project:lame:3.65
-
cpe:2.3:a:lame_project:lame:3.66
-
cpe:2.3:a:lame_project:lame:3.67
-
cpe:2.3:a:lame_project:lame:3.68
-
cpe:2.3:a:lame_project:lame:3.69
-
cpe:2.3:a:lame_project:lame:3.70
-
cpe:2.3:a:lame_project:lame:3.80
-
cpe:2.3:a:lame_project:lame:3.81
-
cpe:2.3:a:lame_project:lame:3.82
-
cpe:2.3:a:lame_project:lame:3.83
-
cpe:2.3:a:lame_project:lame:3.84
-
cpe:2.3:a:lame_project:lame:3.85
-
cpe:2.3:a:lame_project:lame:3.86
-
cpe:2.3:a:lame_project:lame:3.87
-
cpe:2.3:a:lame_project:lame:3.88
-
cpe:2.3:a:lame_project:lame:3.89
-
cpe:2.3:a:lame_project:lame:3.90
-
cpe:2.3:a:lame_project:lame:3.91
-
cpe:2.3:a:lame_project:lame:3.92
-
cpe:2.3:a:lame_project:lame:3.93
-
cpe:2.3:a:lame_project:lame:3.93.1
-
cpe:2.3:a:lame_project:lame:3.94
-
cpe:2.3:a:lame_project:lame:3.95
-
cpe:2.3:a:lame_project:lame:3.95.1
-
cpe:2.3:a:lame_project:lame:3.96
-
cpe:2.3:a:lame_project:lame:3.96.1
-
cpe:2.3:a:lame_project:lame:3.97
-
cpe:2.3:a:lame_project:lame:3.98
-
cpe:2.3:a:lame_project:lame:3.98.1
-
cpe:2.3:a:lame_project:lame:3.98.2
-
cpe:2.3:a:lame_project:lame:3.98.3
-
cpe:2.3:a:lame_project:lame:3.98.4
-
cpe:2.3:a:lame_project:lame:3.99
-
cpe:2.3:a:lame_project:lame:3.99.1
-
cpe:2.3:a:lame_project:lame:3.99.2
-
cpe:2.3:a:lame_project:lame:3.99.3
-
cpe:2.3:a:lame_project:lame:3.99.4
-
cpe:2.3:a:lame_project:lame:3.99.5