cpe:/a:scott_wheeler:taglib:1.0 cpe:/a:scott_wheeler:taglib:1.1 cpe:/a:scott_wheeler:taglib:1.2 cpe:/a:scott_wheeler:taglib:1.3 cpe:/a:scott_wheeler:taglib:1.3.1 cpe:/a:scott_wheeler:taglib:1.4 cpe:/a:scott_wheeler:taglib:1.5 cpe:/a:scott_wheeler:taglib:1.6 cpe:/a:scott_wheeler:taglib:1.6.1 cpe:/a:scott_wheeler:taglib:1.6.2 cpe:/a:scott_wheeler:taglib:1.6.3 cpe:/a:scott_wheeler:taglib:1.7 CVE-2012-1108 2012-09-06T14:55:01.050-04:00 2017-08-28T21:31:12.320-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2012-09-07T09:01:00.000-04:00 SECUNIA 48211 SECUNIA 48792 SECUNIA 49688 BID 52284 OSVDB 79813 GENTOO GLSA-201206-16 MLIST [oss-security] 20120305 Re: CVE-Request taglib vulnerabilities MLIST [pipermail] 20120304 multiple security vulnerabilities in taglib MLIST [pipermail] 20120305 multiple security vulnerabilities in taglib CONFIRM https://github.com/taglib/taglib/commit/b3646a07348ffa276ea41a9dae03ddc63ea6c532 XF taglib-parse-dos(73665) The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted vendorLength field in an ogg file.