Libsndfile Project Libsndfile vulnerabilities

38 known vulnerabilities affecting libsndfile_project/libsndfile.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL5HIGH12MEDIUM20LOW1

Vulnerabilities

Page 2 of 2

CVE-2017-6892HIGHCVSS 8.8v1.0.282017-06-12

CVE-2017-6892 [HIGH] CWE-119 CVE-2017-6892: In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" function (aiff.c) can be exploit In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file.

nvdosv

CVE-2017-8361HIGHCVSS 8.8v1.0.282017-04-30

CVE-2017-8361 [HIGH] CWE-119 CVE-2017-8361: The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a deni The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.

nvdosv

CVE-2017-8365MEDIUMCVSS 6.5v1.0.282017-04-30

CVE-2017-8365 [MEDIUM] CWE-125 CVE-2017-8365: The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.

nvdosv

CVE-2017-8363MEDIUMCVSS 6.5v1.0.282017-04-30

CVE-2017-8363 [MEDIUM] CWE-125 CVE-2017-8363: The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a deni The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.

nvdosv

CVE-2017-8362MEDIUMCVSS 6.5v1.0.282017-04-30

CVE-2017-8362 [MEDIUM] CWE-125 CVE-2017-8362: The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a deni The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.

nvdosv

CVE-2017-7742MEDIUMCVSS 5.5≤ 1.0.272017-04-12

CVE-2017-7742 [MEDIUM] CVE-2017-7742: In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.

nvdosv

CVE-2017-7741MEDIUMCVSS 5.5≤ 1.0.272017-04-12

CVE-2017-7741 [MEDIUM] CVE-2017-7741: In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.

nvdosv

CVE-2017-7585MEDIUMCVSS 5.5≤ 1.0.272017-04-07

CVE-2017-7585 [MEDIUM] CWE-119 CVE-2017-7585: In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

nvdosv

CVE-2017-7586MEDIUMCVSS 5.5≤ 1.0.272017-04-07

CVE-2017-7586 [MEDIUM] CWE-119 CVE-2017-7586: In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 t In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

nvdosv

CVE-2014-9756MEDIUMCVSS 5.0fixed in 1.0.262015-11-19

CVE-2014-9756 [MEDIUM] CWE-369 CVE-2014-9756: The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (di The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.

nvdosv

CVE-2015-7805CRITICALCVSS 9.3PoC≥ 0, < 1.0.25-102015-11-17

CVE-2015-7805 [CRITICAL] CVE-2015-7805: Heap-based buffer overflow in libsndfile 1 Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.

osv

CVE-2014-9496LOWCVSS 2.1fixed in 1.0.262015-01-16

CVE-2014-9496 [LOW] CVE-2014-9496: The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.

nvdosv

CVE-2011-2696MEDIUMCVSS 6.8≥ 0, < 1.0.25-12011-07-27

CVE-2011-2696 [MEDIUM] CVE-2011-2696: Integer overflow in libsndfile before 1 Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.

osv

CVE-2009-4835MEDIUMCVSS 4.3≥ 0, < 1.0.21-32010-05-06

CVE-2009-4835 [MEDIUM] CVE-2009-4835: The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1 The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted audio file.

osv

CVE-2009-1788CRITICALCVSS 9.3≥ 0, < 1.0.20-12009-05-26

CVE-2009-1788 [CRITICAL] CVE-2009-1788: Heap-based buffer overflow in voc_read_header in libsndfile 1 Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.

osv

CVE-2009-1791CRITICALCVSS 9.3≥ 0, < 1.0.20-12009-05-26

CVE-2009-1791 [CRITICAL] CVE-2009-1791: Heap-based buffer overflow in aiff_read_header in libsndfile 1 Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value.

osv

CVE-2009-0186CRITICALCVSS 9.3≥ 0, < 1.0.19-12009-03-05

CVE-2009-0186 [CRITICAL] CVE-2009-0186: Integer overflow in libsndfile 1 Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.

osv

CVE-2007-4974HIGHCVSS 7.5≥ 0, < 1.0.17-42007-09-19

CVE-2007-4974 [HIGH] CVE-2007-4974: Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1 Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.

osv

← Previous2 / 2