Vulnerability Details : CVE-2017-12839
A heap-based buffer over-read in the getbits function in src/libmpg123/getbits.h in mpg123 through 1.25.5 allows remote attackers to cause a possible denial-of-service (out-of-bounds read) or possibly have unspecified other impact via a crafted mp3 file.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2017-12839
0.61%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 78 %
Percentile, the proportion of vulnerabilities that are scored at or less