Mega-Nerd Libsndfile vulnerabilities

7 known vulnerabilities affecting mega-nerd/libsndfile.

Total CVEs
7
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH1MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2015-7805CRITICALCVSS 9.3PoCv1.0.252015-11-17
CVE-2015-7805 [CRITICAL] CWE-119 CVE-2015-7805: Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact v Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.
nvd
CVE-2011-2696MEDIUMCVSS 6.8≤ 1.0.24v0.0.8+25 more2011-07-27
CVE-2011-2696 [MEDIUM] CWE-119 CVE-2011-2696: Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (a Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
nvd
CVE-2009-4835MEDIUMCVSS 4.3v1.0.202010-05-06
CVE-2009-4835 [MEDIUM] CWE-189 CVE-2009-4835: The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_r The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted audio file.
nvd
CVE-2009-1791CRITICALCVSS 9.3v1.0.15v1.0.16+3 more2009-05-26
CVE-2009-1791 [CRITICAL] CWE-119 CVE-2009-1791: Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winam Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value.
nvd
CVE-2009-1788CRITICALCVSS 9.3v1.0.15v1.0.16+3 more2009-05-26
CVE-2009-1788 [CRITICAL] CWE-119 CVE-2009-1788: Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.
nvd
CVE-2009-0186CRITICALCVSS 9.3≤ 1.0.18v0.0.8+19 more2009-03-05
CVE-2009-0186 [CRITICAL] CWE-189 CVE-2009-0186: Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependen Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
nvd
CVE-2007-4974HIGHCVSS 7.5≤ 1.0.17v0.0.8+10 more2007-09-19
CVE-2007-4974 [HIGH] CWE-119 CVE-2007-4974: Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might a Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.
nvd
Mega-Nerd Libsndfile vulnerabilities | cvebase