Debian Soundtouch vulnerabilities

9 known vulnerabilities affecting debian/soundtouch.

Total CVEs
9
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH1LOW8

Vulnerabilities

Page 1 of 1
CVE-2018-1000223HIGHCVSS 8.8fixed in soundtouch 2.1.2+ds1-1 (bookworm)2018
CVE-2018-1000223 [HIGH] CVE-2018-1000223: soundtouch - soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerab... soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility. Scope: local bookworm: resolved (fixed in 2.1.2+ds1-1) bullseye: resolved (
debian
CVE-2018-17097LOWCVSS 8.8fixed in soundtouch 2.1.2+ds1-1 (bookworm)2018
CVE-2018-17097 [HIGH] CVE-2018-17097: soundtouch - The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows re... The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch. Scope: local bookworm: resolved (fixed in 2.1.2+ds1-1) bullseye: resolved (fixed in 2.1.2+ds1-1) forky: resolved (fixed in 2.1.2+ds1-1) sid: resolved (
debian
CVE-2018-17096LOWCVSS 6.5fixed in soundtouch 2.1.2+ds1-1 (bookworm)2018
CVE-2018-17096 [MEDIUM] CVE-2018-17096: soundtouch - The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen Sound... The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. Scope: local bookworm: resolved (fixed in 2.1.2+ds1-1) bullseye: resolved (fixed in 2.1.2+ds1-1) forky: resolved (fixed in 2.1.2+ds1-1) sid: reso
debian
CVE-2018-17098LOWCVSS 8.8fixed in soundtouch 2.1.2+ds1-1 (bookworm)2018
CVE-2018-17098 [HIGH] CVE-2018-17098: soundtouch - The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows re... The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch. Scope: local bookworm: resolved (fixed in 2.1.2+ds1-1) bullseye: resolved (fixed in 2.1.2+ds1-1) forky: resolved (fixed in
debian
CVE-2018-14044LOWCVSS 7.5fixed in soundtouch 2.1.2+ds1-1 (bookworm)2018
CVE-2018-14044 [HIGH] CVE-2018-14044: soundtouch - The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.... The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. Scope: local bookworm: resolved (fixed in 2.1.2+ds1-1) bullseye: resolved (fixed in 2.1.2+ds1-1) forky: resolved (fixed i
debian
CVE-2018-14045LOWCVSS 7.5fixed in soundtouch 2.1.2+ds1-1 (bookworm)2018
CVE-2018-14045 [HIGH] CVE-2018-14045: soundtouch - The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a ... The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. Scope: local bookworm: resolved (fixed in 2.1.2+ds1-1) bullseye: resolved (fixed in 2.1.2+ds1-1) forky: resolved (fixed in
debian
CVE-2017-9259LOWCVSS 5.5PoCfixed in soundtouch 1.9.2-3 (bookworm)2017
CVE-2017-9259 [MEDIUM] CVE-2017-9259: soundtouch - The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cp... The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted wav file. Scope: local bookworm: resolved (fixed in 1.9.2-3) bullseye: resolved (fixed in 1.9.2-3) forky: resolved (fixed in 1.9.2-3) sid: resolved
debian
CVE-2017-9260LOWCVSS 5.5PoCfixed in soundtouch 1.9.2-3 (bookworm)2017
CVE-2017-9260 [MEDIUM] CVE-2017-9260: soundtouch - The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp ... The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted wav file. Scope: local bookworm: resolved (fixed in 1.9.2-3) bullseye: resolved (fixed in 1.9.2-3) forky: resolved (fixed in 1.9.2-3) sid: resolve
debian
CVE-2017-9258LOWCVSS 5.5PoCfixed in soundtouch 1.9.2-3 (bookworm)2017
CVE-2017-9258 [MEDIUM] CVE-2017-9258: soundtouch - The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in Sou... The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wav file. Scope: local bookworm: resolved (fixed in 1.9.2-3) bullseye: resolved (fixed in 1.9.2-3) forky: resolved (fixed in 1.9.2-3) sid: resolved (fixed in 1.9.2-3) t
debian