Mega-nerd » Libsndfile : Security Vulnerabilities, CVEs,
Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.
Max CVSS
9.3
EPSS Score
10.97%
Published
2015-11-17
Updated
2018-10-30
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
Max CVSS
6.8
EPSS Score
7.46%
Published
2011-07-27
Updated
2023-02-13
The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted audio file.
Max CVSS
4.3
EPSS Score
0.06%
Published
2010-05-06
Updated
2010-05-11
Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value.
Max CVSS
9.3
EPSS Score
6.22%
Published
2009-05-26
Updated
2017-08-17
Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.
Max CVSS
9.3
EPSS Score
3.84%
Published
2009-05-26
Updated
2017-08-17
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
40.97%
Published
2009-03-05
Updated
2018-10-11
Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.
Max CVSS
7.5
EPSS Score
38.21%
Published
2007-09-19
Updated
2011-10-18
7 vulnerabilities found