{"id":"CVE-2017-12797","details":"Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow.","modified":"2026-04-16T01:48:59.226974659Z","published":"2017-08-29T15:29:00.800Z","references":[{"type":"ADVISORY","url":"https://sourceforge.net/p/mpg123/bugs/254/"},{"type":"ADVISORY","url":"https://sourceforge.net/p/mpg123/mailman/message/35987663/"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12797.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.25.4"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}