CVE-2023-49356

HIGH

MP3Gain 1.6.2 - Denial of Service via WriteMP3GainAPETag Function

Title source: llm

Description

A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592.

References (1)

Core 1

Core References

Exploit, Third Party Advisory

https://github.com/linzc21/bug-reports/blob/main/reports/mp3gain/1.6.2/stack-buffer-overflow/CVE-2023-49356.md

View Exploit ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0069

EPSS Percentile 48.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (1)

glensawyer/mp3gain 1.6.2

Published Dec 22, 2023

Tracked Since Feb 18, 2026