CVE-2012-1108

Published: Sep 6, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted vendorLength field in an ogg file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

49688

third-party-advisory

x_refsource_SECUNIA

79813

vdb-entry

x_refsource_OSVDB

https://github.com/taglib/taglib/commit/b3646a07348ffa276ea41a9dae03ddc63ea6c532

x_refsource_CONFIRM

48792

third-party-advisory

x_refsource_SECUNIA

[pipermail] 20120304 multiple security vulnerabilities in taglib

mailing-list

x_refsource_MLIST

GLSA-201206-16

vendor-advisory

x_refsource_GENTOO

[pipermail] 20120305 multiple security vulnerabilities in taglib

mailing-list

x_refsource_MLIST

48211

third-party-advisory

x_refsource_SECUNIA

taglib-parse-dos(73665)

vdb-entry

x_refsource_XF

52284

vdb-entry

x_refsource_BID

[oss-security] 20120305 Re: CVE-Request taglib vulnerabilities

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-1108

Description

Affected Products

References