NULL Pointer Dereference Vulnerability in LAME 3.99.5's hip_decode_init Function

CVE-2017-15019 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file, because of an incorrect calloc call.

Learn more about our Cis Benchmark Audit For Ibm I.