CVE-2018-10777
HIGHmp3gain through 1.5.2-r2 - Buffer Overflow in WriteMP3GainAPETag
Title source: llmDescription
Buffer overflow in the WriteMP3GainAPETag function in apetag.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://docs.google.com/document/d/11Ms9j82hpH8iA0oc4QH0qUG6gq-ZOiqI0YroAFMrcD8/edit
Scores
CVSS v3
7.8
EPSS
0.0101
EPSS Percentile
59.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (2)
mp3gain/mp3gain
1.5.2 rc1 (2 CPE variants)
mp3gain/mp3gain
< 1.5.2
Published
May 07, 2018
Tracked Since
Feb 18, 2026