9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.062 Low
EPSS
Percentile
93.5%
Secunia reports:
Two vulnerabilities have been reported in libsndfile, which can be
exploited by malicious people to compromise an application using the
library.
A boundary error exists within the “voc_read_header()” function in
src/voc.c. This can be exploited to cause a heap-based buffer overflow
via a specially crafted VOC file.
A boundary error exists within the “aiff_read_header()” function in
src/aiff.c. This can be exploited to cause a heap-based buffer overflow
via a specially crafted AIFF file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | libsndfile | < 1.0.20 | UNKNOWN |