Surina Soundtouch vulnerabilities
9 known vulnerabilities affecting surina/soundtouch.
Total CVEs
9
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH5MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2018-17098HIGHCVSS 8.8v2.0.02018-09-16
CVE-2018-17098 [HIGH] CWE-787 CVE-2018-17098: The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to ca
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch.
nvdosv
CVE-2018-17097HIGHCVSS 8.8v2.0.02018-09-16
CVE-2018-17097 [HIGH] CWE-415 CVE-2018-17097: The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to ca
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch.
nvdosv
CVE-2018-17096MEDIUMCVSS 6.5v2.0.02018-09-16
CVE-2018-17096 [MEDIUM] CWE-617 CVE-2018-17096: The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows rem
The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
nvdosv
CVE-2018-1000223HIGHCVSS 8.8≤ 2.0.02018-08-20
CVE-2018-1000223 [HIGH] CWE-119 CVE-2018-1000223: soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretc
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility.
nvdosv
CVE-2018-14045HIGHCVSS 7.5v2.0.02018-07-13
CVE-2018-14045 [HIGH] CWE-617 CVE-2018-14045: The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen S
The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
nvdosv
CVE-2018-14044HIGHCVSS 7.5v2.0.02018-07-13
CVE-2018-14044 [HIGH] CWE-617 CVE-2018-14044: The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen
The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
nvdosv
CVE-2017-9259MEDIUMCVSS 5.5PoCv1.9.22017-07-27
CVE-2017-9259 [MEDIUM] CWE-400 CVE-2017-9259: The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.
The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted wav file.
nvdosv
CVE-2017-9260MEDIUMCVSS 5.5PoCv1.9.22017-07-27
CVE-2017-9260 [MEDIUM] CWE-125 CVE-2017-9260: The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2
The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted wav file.
nvdosv
CVE-2017-9258MEDIUMCVSS 5.5PoCv1.9.22017-07-27
CVE-2017-9258 [MEDIUM] CWE-835 CVE-2017-9258: The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wav file.
nvdosv