[Bug 1082391] VUL-0: CVE-2017-9872: lame: The III_dequantize_sample function in layer3.c in mpglib, as used inlibmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers tocause a denial of service (stack-based buffer overflow and application

24 Feb 2018

      http://bugzilla.suse.com/show_bug.cgi?id=1082391

SMASH SMASH <smash_bz@suse.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Whiteboard|obs:running:7833:important  |obs:running:7833:important
                   |                            |CVSSv2:NVD:CVE-2017-9872:6.
                   |                            |8:(AV:N/AC:M/Au:N/C:P/I:P/A
                   |                            |:P)
                   |                            |CVSSv3:NVD:CVE-2017-9872:7.
                   |                            |8:(AV:L/AC:L/PR:N/UI:R/S:U/
                   |                            |C:H/I:H/A:H)
                   |                            |CVSSv3:RedHat:CVE-2017-9872
                   |                            |:3.3:(AV:L/AC:L/PR:N/UI:R/S
                   |                            |:U/C:N/I:N/A:L)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug 1082391] VUL-0: CVE-2017-9872: lame: The III_dequantize_sample function in layer3.c in mpglib, as used inlibmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers tocause a denial of service (stack-based buffer overflow and application

bugzilla_noreply＠novell.com