Medium severity5.5NVD Advisory· Published Jun 25, 2017· Updated Jun 17, 2026
CVE-2015-9099
CVE-2015-9099
Description
The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file with a negative sample rate.
Affected products
2- cpe:2.3:a:lame_project:lame:3.99.5:*:*:*:*:*:*:*
- Range: =3.99.5
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/99279nvdThird Party AdvisoryVDB Entry
- bugs.debian.org/cgi-bin/bugreport.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.