CVE-2020-11867
- EPSS 0.05%
- Veröffentlicht 30.11.2020 22:15:10
- Zuletzt bearbeitet 21.11.2024 04:58:47
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
CVE-2016-2540
- EPSS 0.91%
- Veröffentlicht 07.02.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 02:48:39
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.
CVE-2016-2541
- EPSS 0.86%
- Veröffentlicht 07.02.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 02:48:39
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.
CVE-2017-1000010
- EPSS 1.37%
- Veröffentlicht 17.07.2017 13:18:16
- Zuletzt bearbeitet 20.04.2025 01:37:25
Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution.
CVE-2009-0490
- EPSS 58.06%
- Veröffentlicht 10.02.2009 01:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrar...
- EPSS 0.91%
- Veröffentlicht 20.11.2007 23:46:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is ru...