Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDB9F3FFA3-DD6C-11E0-B7FC-000A5E1E33C6
HistoryJul 12, 2011 - 12:00 a.m.

libsndfile -- PAF file processing integer overflow

2011-07-1200:00:00
vuxml.freebsd.org
10

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.075 Low

EPSS

Percentile

94.1%

JSON

Secunia reports:

Hossein Lotfi has discovered a vulnerability in libsndfile,
which can be exploited by malicious people to potentially
compromise an application using the library. The vulnerability
is caused due to an integer overflow error in the “paf24_init()”
function (src/paf.c) when processing Paris Audio (PAF) files.
This can be exploited to cause a heap-based buffer overflow via
a specially crafted file. Successful exploitation may allow
execution of arbitrary code. The vulnerability is confirmed in
version 1.0.24. Other versions may also be affected.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchlibsndfile< 1.0.25UNKNOWN

Related

nessus 15
openvas 16
debian 2
fedora 2
nvd 1
ubuntu 1
debiancve 1
securityvulns 2
redhat 1
gentoo 1
cvelist 1
oraclelinux 1
ubuntucve 1
checkpoint_advisories 1
prion 1
cve 1
nessus
nessus
openSUSE Security Update : libsndfile (openSUSE-SU-2011:0855-1)
2014-06-13 00:00:00
Mandriva Linux Security Advisory : libsndfile (MDVSA-2011:119)
2011-07-26 00:00:00
Debian DSA-2288-1 : libsndfile - integer overflow
2011-07-29 00:00:00
openvas
openvas
RedHat Update for libsndfile RHSA-2011:1084-01
2012-06-06 00:00:00
Ubuntu: Security Advisory (USN-1174-1)
2011-07-27 00:00:00
Mandriva Update for libsndfile MDVSA-2011:119 (libsndfile)
2011-07-27 00:00:00
debian
debian
[SECURITY] [DSA 2288-1] libsndfile security update
2011-07-28 22:00:12
[BSA-059] Security Update for libsndfile
2011-11-14 04:20:30
fedora
fedora
[SECURITY] Fedora 15 Update: libsndfile-1.0.25-1.fc15
2011-07-23 02:01:12
[SECURITY] Fedora 14 Update: libsndfile-1.0.25-1.fc14
2011-09-07 00:25:17
nvd
nvd
CVE-2011-2696
2011-07-27 02:55:02
ubuntu
ubuntu
libsndfile vulnerability
2011-07-25 00:00:00
debiancve
debiancve
CVE-2011-2696
2011-07-27 02:55:02
securityvulns
securityvulns
[ MDVSA-2011:119 ] libsndfile
2011-07-26 00:00:00
libsndfile buffer overflow
2011-07-26 00:00:00
redhat
redhat
(RHSA-2011:1084) Moderate: libsndfile security update
2011-07-20 00:00:00
gentoo
gentoo
libsndfile: Arbitrary code execution
2013-12-17 00:00:00
cvelist
cvelist
CVE-2011-2696
2011-07-27 01:29:00
oraclelinux
oraclelinux
libsndfile security update
2011-07-20 00:00:00
ubuntucve
ubuntucve
CVE-2011-2696
2011-07-21 00:00:00
checkpoint_advisories
checkpoint_advisories
libsndfile PAF File Integer Overflow (CVE-2011-2696)
2011-11-15 00:00:00
prion
prion
Integer overflow
2011-07-27 02:55:00
cve
cve
CVE-2011-2696
2011-07-27 02:55:02

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.075 Low

EPSS

Percentile

94.1%

JSON
Related for B9F3FFA3-DD6C-11E0-B7FC-000A5E1E33C6
nessus15openvas16debian2fedora2nvd1ubuntu1debiancve1securityvulns2redhat1gentoo1cvelist1oraclelinux1ubuntucve1checkpoint_advisories1prion1cve1