CVE-2009-1788
7.7 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.038 Low
EPSS
Percentile
91.8%
Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.
References
secunia.com/advisories/35076
secunia.com/advisories/35126
secunia.com/advisories/35247
secunia.com/advisories/35443
security.gentoo.org/glsa/glsa-200905-09.xml
trapkit.de/advisories/TKADV2009-006.txt
www.debian.org/security/2009/dsa-1814
www.mandriva.com/security/advisories?name=MDVSA-2009:132
www.mega-nerd.com/erikd/Blog/CodeHacking/libsndfile/
www.mega-nerd.com/libsndfile/
www.securityfocus.com/bid/34978
www.vupen.com/english/advisories/2009/1324
www.vupen.com/english/advisories/2009/1348
exchange.xforce.ibmcloud.com/vulnerabilities/50541
exchange.xforce.ibmcloud.com/vulnerabilities/50827
Social References
More
Related
7.7 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.038 Low
EPSS
Percentile
91.8%