CVE-2018-14332 - CERT CVE
ID CVE-2018-14332
Sažetak An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user opens a malformed mp3 file.
Reference
CVSS
Base: 1.9
Impact: 2.9
Exploitability:3.4
Pristup
VektorSloženostAutentikacija
LOCAL MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE PARTIAL
CVSS vektor AV:L/AC:M/Au:N/C:N/I:N/A:P
Zadnje važnije ažuriranje 21-07-2019 - 12:15
Objavljeno 19-07-2018 - 15:29