Download
| Alert*
oval:org.secpod.oval:def:101434
libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on *ni ... oval:org.secpod.oval:def:700302 It was discovered that libsndfile did not correctly handle description chunks in CAF audio files. If a user or automated system were tricked into opening a specially crafted CAF audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program. oval:org.secpod.oval:def:300525 Crafted data - channels per frame value - in CAF files enables remote attackers to execute arbitrary code or denial of service via a possible integer overflow, leading to a possible heap overflow . This update provides fix for that vulnerability. oval:org.mitre.oval:def:7904 Alan Rad Pop discovered that libsndfile, a library to read and write sampled audio data, is prone to an integer overflow. This causes a heap-based buffer overflow when processing crafted CAF description chunks possibly leading to arbitrary code execution. oval:org.secpod.oval:def:16679 The host is installed with Winamp 5.55 or 5.541 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle crafted description chunks in a CAF audio file. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:102519 libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on *ni ... oval:org.secpod.oval:def:600461 Alan Rad Pop discovered that libsndfile, a library to read and write sampled audio data, is prone to an integer overflow. This causes a heap-based buffer overflow when processing crafted CAF description chunks possibly leading to arbitrary code execution. For the oldstable distribution this problem ... |