CVE-2017-14408

MEDIUM

MP3Gain <1.5.2 - Buffer Overflow

Title source: llm

Description

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.

References (1)

Core 1

Core References

Third Party Advisory x_refsource_misc

https://blogs.gentoo.org/ago/2017/09/08/mp3gain-stack-based-buffer-overflow-in-dct36-mpglibdbllayer3-c/

Scores

CVSS v3 5.5

EPSS 0.0043

EPSS Percentile 63.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE

CWE-125

Status published

Products (1)

mp3gain/mp3gain 1.5.2

Published Sep 13, 2017

Tracked Since Feb 18, 2026