Download
| Alert*
|
oval:org.secpod.oval:def:2000992
An out of bounds read in the function d2alaw_array in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. oval:org.secpod.oval:def:89002282 This update for libsndfile fixes the following issues: Security issues fixed: - CVE-2018-13139: Fix a stack-based buffer overflow in psf_memset in common.c that allows remote attackers to cause a denial of service . - CVE-2017-14245: Prevent segmentation fault in the function d2alaw_array that may h ... oval:org.secpod.oval:def:1900273 An out of bounds read in the function d2a law_array in a law.c of libsndfile1 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. oval:org.secpod.oval:def:89003219 This update for libsndfile fixes the following issues: Security issues fixed: - CVE-2017-14245: Prevent segmentation fault in the function d2alaw_array that may have lead to a remote DoS. CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header that could have been used for a ... oval:org.secpod.oval:def:2103385 An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. oval:org.secpod.oval:def:89002334 This update for libsndfile fixes the following issues: - CVE-2017-16942: Divide-by-zero in the function wav_w64_read_fmt_chunk, which may lead to Denial of service . - CVE-2017-6892: Fixed an out-of-bounds read memory access in the aiff_read_chanmap . - CVE-2017-14634: In libsndfile 1.0.28, a divide ... oval:org.secpod.oval:def:1900314 The function d2a law_array in a law.c of libsndfile1 1.0.29pre1 may lead to a remote DoS attack , a different vulnerability than CVE-2017-14245. oval:org.secpod.oval:def:89044018 - This update for libsndfile fixes a memory leak in an error path. - CVE-2017-16942: A divide-by-zero error exists in the function wav_w64_read_fmt_chunk in wav_w64.c, which may lead to DoS when playing a crafted audio file. - CVE-2017-14634: In libsndfile 1.0.28, a divide-by-zero error exists in t ... oval:org.secpod.oval:def:55527 libsndfile: Library for reading/writing audio files Several security issues were fixed in libsndfile. oval:org.secpod.oval:def:2001580 The function d2alaw_array in alaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack , a different vulnerability than CVE-2017-14245. oval:org.secpod.oval:def:705008 libsndfile: Library for reading/writing audio files Several security issues were fixed in libsndfile. |
