Libsndfile Project

Libsndfile

30 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2017-8365

  • EPSS 1.33%
  • Veröffentlicht 30.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.

6.5

CVE-2017-8363

  • EPSS 1.33%
  • Veröffentlicht 30.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.

6.5

CVE-2017-8362

  • EPSS 1.34%
  • Veröffentlicht 30.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.

8.8

CVE-2017-8361

  • EPSS 1.54%
  • Veröffentlicht 30.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.

5.5

CVE-2017-7742

Exploit
  • EPSS 0.34%
  • Veröffentlicht 12.04.2017 18:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-...

5.5

CVE-2017-7741

Exploit
  • EPSS 0.34%
  • Veröffentlicht 12.04.2017 18:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017...

5.5

CVE-2017-7586

  • EPSS 0.32%
  • Veröffentlicht 07.04.2017 20:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

5.5

CVE-2017-7585

  • EPSS 0.61%
  • Veröffentlicht 07.04.2017 20:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

5

CVE-2014-9756

Exploit
  • EPSS 0.68%
  • Veröffentlicht 19.11.2015 20:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.

2.1

CVE-2014-9496

Exploit
  • EPSS 0.1%
  • Veröffentlicht 16.01.2015 16:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.