CVE-2011-2696
published 2011-07-27CVE-2011-2696: Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a…
PriorityP334medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
4.65%
90.6th percentile
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libsndfile | < libsndfile 1.0.25-1 (bookworm) | libsndfile 1.0.25-1 (bookworm) |
| libsndfile_project | libsndfile | >= 0 < 1.0.25-1 | 1.0.25-1 |
| libsndfile_project | libsndfile | >= 0 < 1.0.25-1 | 1.0.25-1 |
| libsndfile_project | libsndfile | >= 0 < 1.0.25-1 | 1.0.25-1 |
| libsndfile_project | libsndfile | >= 0 < 1.0.25-1 | 1.0.25-1 |
| mega-nerd | libsndfile | <= 1.0.24 | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
| mega-nerd | libsndfile | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
libsndfile vulnerability
vendor_ubuntu·2011-07-25
CVE-2011-2696 libsndfile vulnerability
Title: libsndfile vulnerability
Summary: An application using libsndfile could be made to crash or possibly run
programs as your login if it opened a specially crafted file.
Hossein Lotfi discovered that libsndfile did not properly verify the header
length and number of channels for PARIS Audio Format (PAF) audio files. An
attacker could exploit this to cause a denial of service via application
crash, or possibly execute arbitrary code with the privileges of the user
invoking the program.
Instructions: After a standard system update you need to restart your login session to
make all the necessary changes.
Red Hat
libsndfile: Application crash due integer overflow by processing certain PAF audio files
vendor_redhat·2011-07-12·CVSS 6.8
CVE-2011-2696 [MEDIUM] CWE-190 libsndfile: Application crash due integer overflow by processing certain PAF audio files
libsndfile: Application crash due integer overflow by processing certain PAF audio files
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
Debian
CVE-2011-2696: libsndfile - Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a ...
vendor_debian·2011·CVSS 6.8
CVE-2011-2696 [MEDIUM] CVE-2011-2696: libsndfile - Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a ...
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 1.0.25-1)
bullseye: resolved (fixed in 1.0.25-1)
forky: resolved (fixed in 1.0.25-1)
sid: resolved (fixed in 1.0.25-1)
trixie: resolved (fixed in 1.0.25-1)
GHSA
GHSA-pq4x-r6mp-pmm3: Integer overflow in libsndfile before 1
ghsa_unreviewed·2022-05-17
CVE-2011-2696 [MEDIUM] CWE-119 GHSA-pq4x-r6mp-pmm3: Integer overflow in libsndfile before 1
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
OSV
CVE-2011-2696: Integer overflow in libsndfile before 1
osv·2011-07-27·CVSS 6.8
CVE-2011-2696 [MEDIUM] CVE-2011-2696: Integer overflow in libsndfile before 1
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
No detection rules found.
No public exploits indexed.
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062955.htmlhttp://secunia.com/advisories/45125http://secunia.com/advisories/45351http://secunia.com/advisories/45384http://secunia.com/advisories/45388http://secunia.com/advisories/45433http://www.debian.org/security/2011/dsa-2288http://www.mandriva.com/security/advisories?name=MDVSA-2011:119http://www.mega-nerd.com/libsndfile/ChangeLoghttp://www.openwall.com/lists/oss-security/2011/07/14/1http://www.openwall.com/lists/oss-security/2011/07/14/2http://www.openwall.com/lists/oss-security/2011/07/14/3http://www.openwall.com/lists/oss-security/2011/07/14/4http://www.openwall.com/lists/oss-security/2011/07/15/1http://www.openwall.com/lists/oss-security/2011/07/15/3http://www.openwall.com/lists/oss-security/2011/07/15/4http://www.openwall.com/lists/oss-security/2011/07/18/1http://www.redhat.com/support/errata/RHSA-2011-1084.htmlhttp://www.securelist.com/en/advisories/45125http://www.securityfocus.com/bid/48644http://www.ubuntu.com/usn/USN-1174-1https://bugs.gentoo.org/show_bug.cgi?id=375125https://bugzilla.redhat.com/show_bug.cgi?id=721234https://hermes.opensuse.org/messages/10387521http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062955.htmlhttp://secunia.com/advisories/45125http://secunia.com/advisories/45351http://secunia.com/advisories/45384http://secunia.com/advisories/45388http://secunia.com/advisories/45433http://www.debian.org/security/2011/dsa-2288http://www.mandriva.com/security/advisories?name=MDVSA-2011:119http://www.mega-nerd.com/libsndfile/ChangeLoghttp://www.openwall.com/lists/oss-security/2011/07/14/1http://www.openwall.com/lists/oss-security/2011/07/14/2http://www.openwall.com/lists/oss-security/2011/07/14/3http://www.openwall.com/lists/oss-security/2011/07/14/4http://www.openwall.com/lists/oss-security/2011/07/15/1http://www.openwall.com/lists/oss-security/2011/07/15/3http://www.openwall.com/lists/oss-security/2011/07/15/4http://www.openwall.com/lists/oss-security/2011/07/18/1http://www.redhat.com/support/errata/RHSA-2011-1084.htmlhttp://www.securelist.com/en/advisories/45125http://www.securityfocus.com/bid/48644http://www.ubuntu.com/usn/USN-1174-1https://bugs.gentoo.org/show_bug.cgi?id=375125https://bugzilla.redhat.com/show_bug.cgi?id=721234https://hermes.opensuse.org/messages/10387521
2011-07-27
Published