cbcvebase.
CVE-2014-9756
published 2015-11-19

CVE-2014-9756: The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified…

PriorityP420medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
2.86%
85.0th percentile
The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.

Affected

14 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debianlibsndfile< libsndfile 1.0.25-10 (bookworm)libsndfile 1.0.25-10 (bookworm)
libsndfile_projectlibsndfile< 1.0.261.0.26
libsndfile_projectlibsndfile>= 0 < 1.0.25-101.0.25-10
libsndfile_projectlibsndfile>= 0 < 1.0.25-101.0.25-10
libsndfile_projectlibsndfile>= 0 < 1.0.25-101.0.25-10
libsndfile_projectlibsndfile>= 0 < 1.0.25-101.0.25-10
libsndfile_projectlibsndfile>= 0 < 1.0.25-7ubuntu2.11.0.25-7ubuntu2.1
opensuseleap
opensuseopensuse
opensuseopensuse

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
vendor_ubuntu2.1LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.