Clementine-player Clementine 1.3.1

CPE Details

Clementine-player Clementine 1.3.1
clementine-player
clementine
1.3.1
2020-09-14
14h35 +00:00
2020-09-14
14h35 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:clementine-player:clementine:1.3.1:*:*:*:*:*:*:*

Informations

Vendor

clementine-player

Product

clementine

Version

1.3.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-40826 2021-12-15 05h38 +00:00 Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine. Attackers could exploit this issue to cause a crash (DoS) of the clementine.exe process or achieve arbitrary code execution in the context of the current logged-in Windows user.
7.8
Haute
CVE-2021-40827 2021-12-15 05h37 +00:00 Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine. Attackers could exploit this issue to cause a crash (DoS) of the clementine.exe process or achieve arbitrary code execution in the context of the current logged-in Windows user.
7.8
Haute
CVE-2018-14332 2018-07-19 13h00 +00:00 An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user opens a malformed mp3 file.
5.5
Moyen