SB2017030125 - Multiple vulnerabilities in io_alex_2004 mp3splt

Description

This security bulletin contains information about 2 vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2017-5666)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service (invalid free and crash) via a crafted file.

2) Input validation error (CVE-ID: CVE-2017-5851)

The vulnerability allows remote attackers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (NULL pointer dereference and crash) via a crafted file.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• http://www.securityfocus.com/bid/95908
• https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c/
• http://www.securityfocus.com/bid/96002
• https://blogs.gentoo.org/ago/2017/02/01/mp3splt-null-pointer-dereference-in-free_options-options_manager-c/