CVE-2012-1108

The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted vendorLength field in an ogg file.

Date published : 2012-09-06

http://www.securityfocus.com/bid/52284

https://github.com/taglib/taglib/commit/b3646a07348ffa276ea41a9dae03ddc63ea6c532