redhat · CVE-2017-11735

Quick triage

Priority: not assigned Published: 2017-07-30 00:00:00 UTC Updated: 2017-07-30 00:00:00 UTC

View at Official redhat advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

[REJECTED CVE] A vulnerability was identified in the mp3splt package where an uninitialized structure with garbage values could be passed to libvorbis after an error was triggered on a malformed file. An attacker could exploit this by crafting a specially designed audio file that causes the application to crash instead of exiting cleanly. This issue was determined to have minimal security impact and the CVE has been rejected by MITRE.

Description:

[REJECTED CVE] A vulnerability was identified in the mp3splt package where an uninitialized structure with garbage values could be passed to libvorbis after an error was triggered on a malformed file. An attacker could exploit this by crafting a specially designed audio file that causes the application to crash instead of exiting cleanly. This issue was determined to have minimal security impact and the CVE has been rejected by MITRE.

cvelogic Threat Intelligence