Msrc Cbl2 Audiofile 0.3.6-27 On Cbl Mariner 2.0 vulnerabilities

13 known vulnerabilities affecting msrc/cbl2_audiofile_0.3.6-27_on_cbl_mariner_2.0.

Total CVEs

13

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH2MEDIUM11

Vulnerabilities

Page 1 of 1

CVE-2017-6827HIGHCVSS 7.82017-03-14

CVE-2017-6827 [HIGH] CWE-119 Heap-based buffer overflow in audiofile allows remote attackers to have unspecified impact via a crafted audio file Heap-based buffer overflow in audiofile allows remote attackers to have unspecified impact via a crafted audio file FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the c

CVE-2017-6828HIGHCVSS 7.82017-03-14

CVE-2017-6828 [HIGH] CWE-119 Heap-based buffer overflow in audiofile allows remote attackers to have unspecified impact Heap-based buffer overflow in audiofile allows remote attackers to have unspecified impact FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most rece

CVE-2017-6830MEDIUMCVSS 5.52017-03-14

CVE-2017-6830 [MEDIUM] CWE-119 Heap-based buffer overflow in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service Heap-based buffer overflow in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Lin

CVE-2017-6836MEDIUMCVSS 5.52017-03-14

CVE-2017-6836 [MEDIUM] CWE-119 Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows rem Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows remote attackers to cause a denial of service (crash) via a crafted fil

CVE-2017-6833MEDIUMCVSS 5.52017-03-14

CVE-2017-6833 [MEDIUM] CWE-369 Vulnerability in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service Vulnerability in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitmen

CVE-2017-6829MEDIUMCVSS 5.52017-03-14

CVE-2017-6829 [MEDIUM] CWE-125 The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerabilit

CVE-2017-6834MEDIUMCVSS 5.52017-03-14

CVE-2017-6834 [MEDIUM] CWE-119 Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a d Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file. FAQ: Is Azure Linux th

CVE-2017-6832MEDIUMCVSS 5.52017-03-14

CVE-2017-6832 [MEDIUM] CWE-119 Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of s Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file. FAQ: Is Azure Linux the only Mic

CVE-2017-6837MEDIUMCVSS 5.52017-03-14

CVE-2017-6837 [MEDIUM] WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to

CVE-2017-6838MEDIUMCVSS 5.52017-03-14

CVE-2017-6838 [MEDIUM] Integer overflow in sfcommands/sfconvert.c in Audio File Library Integer overflow in sfcommands/sfconvert.c in Audio File Library FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries w

CVE-2017-6831MEDIUMCVSS 5.52017-03-14

CVE-2017-6831 [MEDIUM] CWE-119 Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file. FAQ: Is Azure Linux

CVE-2017-6835MEDIUMCVSS 5.52017-03-14

CVE-2017-6835 [MEDIUM] CWE-369 Vulnerability in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service via a crafted file. Vulnerability in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service via a crafted file. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use

CVE-2017-6839MEDIUMCVSS 5.52017-03-14

CVE-2017-6839 [MEDIUM] CWE-190 Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulner