CVE-2015-7747 — Classic Buffer Overflow in Audiofile
Severity
8.8HIGHNVD
EPSS
54.0%
top 1.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 19
Latest updateMay 24
Description
Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages6 packages
Also affects: Fedora 23, Ubuntu Linux 12.04, 14.04, 15.04, 15.10
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-87hr-6cw6-rj3c: Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a d↗2022-05-24
OSV▶
CVE-2015-7747: Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a d↗2020-02-19
📋Vendor Advisories
4Microsoft▶
Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execu↗2020-02-11
Debian▶
CVE-2015-7747: audiofile - Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and ...↗2015