Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2008-5824 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Audiofile
Severity
6.8MEDIUMNVD
EPSS
14.6%
top 5.51%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedJan 2
Latest updateMay 17
Description
Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.
CVSS vector
AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4
Affected Packages3 packages
🔴Vulnerability Details
2💥Exploits & PoCs
1Exploit-DB
▶
📋Vendor Advisories
3💬Community
5Bugzilla▶
CVE-2008-5824 audiofile: heap-based overflow in Microsoft ADPCM compression module (app crash, arb. code execution) [fedora-all]↗2010-12-24
Bugzilla▶
CVE-2008-5824 audiofile: heap-based overflow in Microsoft ADPCM compression module (app crash, arb. code execution) [F10]↗2009-01-30
Bugzilla▶
CVE-2008-5824 audiofile: heap-based overflow in Microsoft ADPCM compression module (app crash, arb. code execution) [F9]↗2009-01-30
Bugzilla▶
CVE-2008-5824 audiofile: heap-based overflow in Microsoft ADPCM compression module (app crash, arb. code execution) [Fdevel]↗2009-01-30
Bugzilla▶
CVE-2008-5824 audiofile: heap-based overflow in Microsoft ADPCM compression module (app crash, arb. code execution)↗2009-01-14