Lucene search
GoogleOSV:CVE-2018-14332HistoryJul 19, 2018 - 3:29 p.m.
CVE-2018-14332
2018-07-1915:29:00
Google
osv.dev
4
An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user opens a malformed mp3 file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| clementine | eq | 1.3 | |
| clementine | eq | 1.2.1 | |
| clementine | eq | 1.3rc1 | |
| clementine | eq | 1.0 | |
| clementine | eq | 1.2.2 | |
| clementine | eq | 1.3.1 | |
| clementine | eq | 0.7.3 | |
| clementine | eq | 1.1.1 | |
| clementine | eq | 0.3rc1 | |
| clementine | eq | 1.0.1 |
References
lists.opensuse.org/opensuse-security-announce/2019-07/msg00038.html
lists.opensuse.org/opensuse-security-announce/2019-08/msg00064.html
github.com/clementine-player/Clementine/blob/e5ab3e786f9adde12cec3cc90cfe8c1cc6b06320/src/moodbar/moodbarpipeline.cpp#L155
github.com/clementine-player/Clementine/issues/6078
github.com/MostafaSoliman/Security-Advisories/blob/master/CVE-2018-14332
Related
cve
cve
CVE-2018-14332
2018-07-19 15:29:00
nessus
nessus
openSUSE Security Update : clementine (openSUSE-2019-1780)
2019-07-22 00:00:00
cvelist
cvelist
CVE-2018-14332
2018-07-19 15:00:00
prion
prion
Null pointer dereference
2018-07-19 15:29:00
nvd
nvd
CVE-2018-14332
2018-07-19 15:29:00
suse
suse
Security update for clementine (moderate)
2019-07-21 00:00:00
Security update for clementine (moderate)
2019-08-19 00:00:00
openvas
openvas
openSUSE: Security Advisory for clementine (openSUSE-SU-2019:1780-1)
2019-07-22 00:00:00
ubuntucve
ubuntucve
CVE-2018-14332
2018-07-19 00:00:00
debiancve
debiancve
CVE-2018-14332
2018-07-19 15:29:00