Scott Wheeler » Taglib : Security Vulnerabilities, CVEs,
Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted file header field in a media file, which triggers a large memory allocation.
Max CVSS
4.3
EPSS Score
0.26%
Published
2012-09-06
Updated
2017-08-29
The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted vendorLength field in an ogg file.
Max CVSS
4.3
EPSS Score
1.78%
Published
2012-09-06
Updated
2017-08-29
The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted sampleRate in an ape file, which triggers a divide-by-zero error.
Max CVSS
4.3
EPSS Score
0.25%
Published
2012-09-06
Updated
2017-08-29
3 vulnerabilities found