CVE-2012-1107

Published: Sep 6, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted sampleRate in an ape file, which triggers a divide-by-zero error.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

49688

third-party-advisory

x_refsource_SECUNIA

79814

vdb-entry

x_refsource_OSVDB

48792

third-party-advisory

x_refsource_SECUNIA

[pipermail] 20120304 multiple security vulnerabilities in taglib

mailing-list

x_refsource_MLIST

GLSA-201206-16

vendor-advisory

x_refsource_GENTOO

https://github.com/taglib/taglib/commit/77d61c6eca4d08b9b025738acf6b926cc750db23

x_refsource_CONFIRM

48211

third-party-advisory

x_refsource_SECUNIA

52284

vdb-entry

x_refsource_BID

taglib-analyzecurrent-dos(73666)

vdb-entry

x_refsource_XF

[pipermail] 20120304 multiple security vulnerabilities in taglib

mailing-list

x_refsource_MLIST

[oss-security] 20120305 Re: CVE-Request taglib vulnerabilities

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-1107

Description

Affected Products

References