9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.11 Low
EPSS
Percentile
94.5%
CVE-2014-9496 (unspecified impact)
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to
have unspecified impact via vectors related to a (1) map offset or (2) rsrc
marker, which triggers an out-of-bounds read.
CVE-2014-9756 (denial of service)
The psf_fwrite function in file_io.c in libsndfile allows attackers to cause
a denial of service (divide-by-zero error and application crash) via
unspecified vectors related to the headindex variable.
CVE-2015-7805 (unspecified impact)
Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to
have unspecified impact via the headindex value in the header in an AIFF
file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
any | any | any | libsndfile | < 1.0.26-1 | UNKNOWN |