CVE-2017-14410

MEDIUM

MP3Gain <1.5.2 - Buffer Overflow

Title source: llm

Description

A buffer over-read was discovered in III_i_stereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.

References (1)

Core 1

Core References

Third Party Advisory x_refsource_misc

https://blogs.gentoo.org/ago/2017/09/08/mp3gain-global-buffer-overflow-in-iii_i_stereo-mpglibdbllayer3-c/

Scores

CVSS v3 5.5

EPSS 0.0024

EPSS Percentile 47.4%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE

CWE-125

Status published

Products (1)

mp3gain/mp3gain 1.5.2

Published Sep 13, 2017

Tracked Since Feb 18, 2026