Filtered by vendor Libsndfile Project
Subscribe
Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-7585 | 1 Libsndfile Project | 1 Libsndfile | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. | |||||
CVE-2017-7586 | 1 Libsndfile Project | 1 Libsndfile | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. | |||||
CVE-2017-8363 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file. | |||||
CVE-2017-7742 | 1 Libsndfile Project | 1 Libsndfile | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585. | |||||
CVE-2017-8361 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file. | |||||
CVE-2014-9756 | 3 Canonical, Libsndfile Project, Opensuse | 4 Ubuntu Linux, Libsndfile, Leap and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable. | |||||
CVE-2014-9496 | 5 Canonical, Debian, Libsndfile Project and 2 more | 5 Ubuntu Linux, Debian Linux, Libsndfile and 2 more | 2023-12-10 | 2.1 LOW | N/A |
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read. |