Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame.
{ "vanir_signatures": [ { "target": { "file": "XMPFiles/source/FormatSupport/ID3_Support.cpp" }, "digest": { "line_hashes": [ "191223537568591142256675037692688779551", "22815773610043489497593345833893301183", "257416147181737448390450475147056941294", "11903588326941419545807853087990027803", "116744771392808866718209162519708964747", "235076022766644690207948933574498340573" ], "threshold": 0.9 }, "signature_version": "v1", "id": "CVE-2020-18651-3df736cc", "source": "https://gitlab.freedesktop.org/libopenraw/exempi@fdd4765a699f9700850098b43b9798b933acb32f", "signature_type": "Line", "deprecated": false }, { "target": { "function": "ID3v2Frame::getFrameValue", "file": "XMPFiles/source/FormatSupport/ID3_Support.cpp" }, "digest": { "length": 1442.0, "function_hash": "252093737416883736172584640969702210961" }, "signature_version": "v1", "id": "CVE-2020-18651-f1085e3b", "source": "https://gitlab.freedesktop.org/libopenraw/exempi@fdd4765a699f9700850098b43b9798b933acb32f", "signature_type": "Function", "deprecated": false } ] }