CVE-2017-14408

MEDIUM

MP3Gain 1.5.2 - Denial of Service via Stack-Based Buffer Over-Read in dct36

Title source: llm
STIX 2.1

Description

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.

References (1)

Core 1

Scores

CVSS v3 5.5
EPSS 0.0086
EPSS Percentile 54.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE
CWE-125
Status published
Products (1)
mp3gain/mp3gain 1.5.2
Published Sep 13, 2017
Tracked Since Feb 18, 2026