New vulnerability on the NVD: CVE-2004-2779

February 20, 2018

id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS).

Published at: February 21, 2018 at 02:29AM

Search This Blog

New York Fashion Week

New vulnerability on the NVD: CVE-2004-2779

Comments

Post a Comment

Popular posts from this blog

New story on InStyle: Prince Andrew's Friends Are Now Calling the Allegations Against Him a "Witch Hunt"

New story on InStyle: Melania Trump Leaves Hospital After "Successful" Kidney Surgery

New story on InStyle: How Cannabis Company Lord Jones Was Born