CVE-2008-2109

EPSS 7.4%

Published: 5/7/2008Modified: 4/28/2026

Description

field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an infinite loop.

Affected packages (1)

Debian/libid3tagfrom 0, < 0.15.1b-8

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-2109