cbcvebase.
CVE-2008-5824
published 2009-01-02

CVE-2008-5824: Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash)…

PriorityP334medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
6.02%
92.4th percentile
Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.

Affected

6 ranges
VendorProductVersion rangeFixed in
68kaudiofile
audiofileaudiofile>= 0 < 0.2.6-7.10.2.6-7.1
audiofileaudiofile>= 0 < 0.2.6-7.10.2.6-7.1
audiofileaudiofile>= 0 < 0.2.6-7.10.2.6-7.1
audiofileaudiofile>= 0 < 0.2.6-7.10.2.6-7.1
debianaudiofile< audiofile 0.2.6-7.1 (bookworm)audiofile 0.2.6-7.1 (bookworm)

CVSS provenance

nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.