In libtag1-dev 1.11.1, the rebuildAggregateFrames function inid3v2frame factory.cpp has a pointer to cast vulnerability, which allow sremote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file.