CVE-2023-49356

Name

CVE-2023-49356

Description

A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
cve@mitre.org	https://github.com/linzc21/bug-reports/blob/main/reports/mp3gain/1.6.2/stack-buffer-overflow/CVE-2023-49356.md

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:glensawyer:mp3gain:1.6.2:::::::*`	mp3gain	== None	== 1.6.2

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
mp3gain	edge-community	1.6.2-r3	Celeste <cielesti@protonmail.com>	possibly vulnerable
mp3gain	3.22-community	1.6.2-r3	Celeste <cielesti@protonmail.com>	possibly vulnerable