Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 521
Alerts This Week
Warning Icon 1 521

Gentoo: GLSA-200805-15 Normal: libid3tag Denial Of Service Risk

gentoo
Calendar Grey May 14, 2008
Dist Gentoo Esm H88
Vulnerability discovered in libid3tag on Gentoo systems. It's advisable to update to version 0.15.1b-r2 or higher to ensure security.
A Denial of Service vulnerability was found in libid3tag.

Summary

Gentoo Linux Security Advisory GLSA 200805-15 https://security.gentoo.org/ Severity: Normal Title: libid3tag: Denial of Service Date: May 14, 2008 Bugs: #210564 ID: 200805-15

Synopsis ======= A Denial of Service vulnerability was found in libid3tag.
Background ========= libid3tag is an ID3 tag manipulation library.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/libid3tag < 0.15.1b-r2 >= 0.15.1b-r2
========== Kentaro Oda reported an infinite loop in the file field.c when parsing an MP3 file with an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0'.
Impact ===== A remote attacker could entice a user to open a specially crafted MP3 file, possibly resulting i...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround