ByteOS Network

NVD Vulnerability Details :

CVE-2017-15045

Deferred

Source-cve@mitre.org

Published At-06 Oct, 2017 | 04:29

Updated At-20 Apr, 2025 | 01:37

LAME 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4, 3.99.5, 3.98.4, 3.98.2 and 3.98 has a heap-based buffer over-read in fill_buffer in libmp3lame/util.c, related to lame_encode_buffer_sample_t in libmp3lame/lame.c, a different vulnerability than CVE-2017-9410.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	5.5	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:N/A:P

CPE Matches

lame_project>>lame>>3.99.5

cpe:2.3:a:lame_project:lame:3.99.5:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-125	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2017-15045	cve@mitre.org	N/A
https://sourceforge.net/p/lame/bugs/478/	cve@mitre.org	Exploit Third Party Advisory
https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2017-15045	af854a3a-2127-422b-91ae-364da2661108	N/A
https://sourceforge.net/p/lame/bugs/478/	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History