CVEs-PoC/2016/CVE-2016-9266.md

CVE-2016-9266

Description

listmp3.c in libming 0.4.7 allows remote attackers to unspecified impact via a crafted mp3 file, which triggers an invalid left shift.

POC

Reference

• https://blogs.gentoo.org/ago/2016/11/09/libming-listmp3-left-shift-in-listmp3-c
• https://blogs.gentoo.org/ago/2016/11/09/libming-listmp3-left-shift-in-listmp3-c

Github

• https://github.com/mrash/afl-cve