9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.11 Low
EPSS
Percentile
95.0%
Package : libsndfile
Version : 1.0.21-3+squeeze2
CVE ID : CVE-2014-9496 CVE-2014-9756 CVE-2015-7805
Debian Bug : 774162 804445 804447
CVE-2014-9496
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows
attackers to have unspecified impact via vectors related to a (1) map
offset or (2) rsrc marker, which triggers an out-of-bounds read.
CVE-2014-9756
The psf_fwrite function in file_io.c in libsndfile allows attackers to
cause a denial of service (divide-by-zero error and application crash)
via unspecified vectors related to the headindex variable.
CVE-2015-7805
Heap-based buffer overflow in libsndfile 1.0.25 allows remote
attackers to have unspecified impact via the headindex value in the
header in an AIFF file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | i386 | libsndfile1 | < 1.0.21-3+squeeze2 | libsndfile1_1.0.21-3+squeeze2_i386.deb |
Debian | 8 | armhf | sndfile-programs-dbg | < 1.0.25-9.1+deb8u1 | sndfile-programs-dbg_1.0.25-9.1+deb8u1_armhf.deb |
Debian | 8 | armhf | libsndfile1-dbg | < 1.0.25-9.1+deb8u1 | libsndfile1-dbg_1.0.25-9.1+deb8u1_armhf.deb |
Debian | 8 | ppc64el | libsndfile1-dbg | < 1.0.25-9.1+deb8u1 | libsndfile1-dbg_1.0.25-9.1+deb8u1_ppc64el.deb |
Debian | 8 | armel | libsndfile1 | < 1.0.25-9.1+deb8u1 | libsndfile1_1.0.25-9.1+deb8u1_armel.deb |
Debian | 8 | arm64 | sndfile-programs | < 1.0.25-9.1+deb8u1 | sndfile-programs_1.0.25-9.1+deb8u1_arm64.deb |
Debian | 8 | s390x | libsndfile1 | < 1.0.25-9.1+deb8u1 | libsndfile1_1.0.25-9.1+deb8u1_s390x.deb |
Debian | 8 | mipsel | sndfile-programs-dbg | < 1.0.25-9.1+deb8u1 | sndfile-programs-dbg_1.0.25-9.1+deb8u1_mipsel.deb |
Debian | 6 | i386 | libsndfile1-dev | < 1.0.21-3+squeeze2 | libsndfile1-dev_1.0.21-3+squeeze2_i386.deb |
Debian | 8 | amd64 | sndfile-programs-dbg | < 1.0.25-9.1+deb8u1 | sndfile-programs-dbg_1.0.25-9.1+deb8u1_amd64.deb |