CVE-2008-5824

2009-01-0219:30:01

Debian Security Bug Tracker

security-tracker.debian.org

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.4%

JSON

Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.

OSVersionArchitecturePackageVersionFilename
Debian12allaudiofile< 0.2.6-7.1audiofile_0.2.6-7.1_all.deb
Debian11allaudiofile< 0.2.6-7.1audiofile_0.2.6-7.1_all.deb
Debian10allaudiofile< 0.2.6-7.1audiofile_0.2.6-7.1_all.deb
Debian999allaudiofile< 0.2.6-7.1audiofile_0.2.6-7.1_all.deb
Debian13allaudiofile< 0.2.6-7.1audiofile_0.2.6-7.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	audiofile	< 0.2.6-7.1	audiofile_0.2.6-7.1_all.deb
Debian	11	all	audiofile	< 0.2.6-7.1	audiofile_0.2.6-7.1_all.deb
Debian	10	all	audiofile	< 0.2.6-7.1	audiofile_0.2.6-7.1_all.deb
Debian	999	all	audiofile	< 0.2.6-7.1	audiofile_0.2.6-7.1_all.deb
Debian	13	all	audiofile	< 0.2.6-7.1	audiofile_0.2.6-7.1_all.deb