CVE-2020-18651

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2020-18651
Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f Patch
https://gitlab.freedesktop.org/libopenraw/exempi/issues/13 Exploit Issue Tracking Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html
https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f Patch
https://gitlab.freedesktop.org/libopenraw/exempi/issues/13 Exploit Issue Tracking Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html
Configurations

Configuration 1 (hide)

cpe:2.3:a:exempi_project:exempi:*:*:*:*:*:*:*:*
History

21 Nov 2024, 05:08

Type Values Removed Values Added
References () https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f - Patch () https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f - Patch
References () https://gitlab.freedesktop.org/libopenraw/exempi/issues/13 - Exploit, Issue Tracking, Vendor Advisory () https://gitlab.freedesktop.org/libopenraw/exempi/issues/13 - Exploit, Issue Tracking, Vendor Advisory
References () https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html - () https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html -

26 Sep 2023, 01:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html -

25 Aug 2023, 21:07

Type Values Removed Values Added
CWE CWE-787
First Time Exempi Project exempi
Exempi Project
References (MISC) https://gitlab.freedesktop.org/libopenraw/exempi/issues/13 - (MISC) https://gitlab.freedesktop.org/libopenraw/exempi/issues/13 - Exploit, Issue Tracking, Vendor Advisory
References (MISC) https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f - (MISC) https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f - Patch
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.5
CPE cpe:2.3:a:exempi_project:exempi:*:*:*:*:*:*:*:*

22 Aug 2023, 20:10

Type Values Removed Values Added
New CVE
Information

Published : 2023-08-22 19:15

Updated : 2024-11-21 05:08

NVD link : CVE-2020-18651

Mitre link : CVE-2020-18651

CVE.ORG link : CVE-2020-18651

JSON object : View

Products Affected

exempi_project

  • exempi
CWE
CWE-787

Out-of-bounds Write


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024