Vulnerabilities > CVE-2017-14406 - NULL Pointer Dereference vulnerability in Mp3Gain 1.5.2

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL

Summary

A NULL pointer dereference was discovered in sync_buffer in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.

Vulnerable Configurations

Part Description Count
Application
Mp3Gain
1

Common Weakness Enumeration (CWE)