An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.
References
Link | Resource |
---|---|
https://github.com/mpruett/audiofile/issues/50 | Exploit Issue Tracking Third Party Advisory |
https://github.com/mpruett/audiofile/issues/51 | Exploit Issue Tracking Third Party Advisory |
https://usn.ubuntu.com/3800-1/ | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
09 Feb 2021, 15:08
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:a:audio_file_library_project:audio_file_library:0.3.4:*:*:*:*:*:*:* cpe:2.3:a:audio_file_library_project:audio_file_library:0.3.0:*:*:*:*:*:*:* cpe:2.3:a:audio_file_library_project:audio_file_library:0.3.3:*:*:*:*:*:*:* cpe:2.3:a:audio_file_library_project:audio_file_library:0.3.5:*:*:*:*:*:*:* cpe:2.3:a:audio_file_library_project:audio_file_library:0.3.1:*:*:*:*:*:*:* cpe:2.3:a:audio_file_library_project:audio_file_library:0.3.2:*:*:*:*:*:*:* |
|
References | (UBUNTU) https://usn.ubuntu.com/3800-1/ - Patch, Vendor Advisory |
30 Jan 2021, 00:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert. |
Information
Published : 2018-09-16 21:29
Updated : 2023-12-10 12:44
NVD link : CVE-2018-17095
Mitre link : CVE-2018-17095
CVE.ORG link : CVE-2018-17095
JSON object : View
Products Affected
canonical
- ubuntu_linux
audio_file_library_project
- audio_file_library
CWE
CWE-787
Out-of-bounds Write