Libsndfile Project

Libsndfile

32 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2017-12562

  • EPSS 1.97%
  • Veröffentlicht 05.08.2017 17:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

8.8

CVE-2017-6892

  • EPSS 0.96%
  • Veröffentlicht 12.06.2017 16:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file.

6.5

CVE-2017-8365

  • EPSS 1.33%
  • Veröffentlicht 30.04.2017 19:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.

6.5

CVE-2017-8363

  • EPSS 1.33%
  • Veröffentlicht 30.04.2017 19:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.

6.5

CVE-2017-8362

  • EPSS 1.34%
  • Veröffentlicht 30.04.2017 19:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.

8.8

CVE-2017-8361

  • EPSS 1.54%
  • Veröffentlicht 30.04.2017 19:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.

5.5

CVE-2017-7742

Exploit
  • EPSS 0.35%
  • Veröffentlicht 12.04.2017 18:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-...

5.5

CVE-2017-7741

Exploit
  • EPSS 0.34%
  • Veröffentlicht 12.04.2017 18:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017...

5.5

CVE-2017-7586

  • EPSS 0.34%
  • Veröffentlicht 07.04.2017 20:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

5.5

CVE-2017-7585

  • EPSS 0.33%
  • Veröffentlicht 07.04.2017 20:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.