libsndfile -- CAF processing integer overflow vulnerability

2009-03-03T00:00:00
ID C5AF0747-1262-11DE-A964-0030843D3802
Type freebsd
Reporter FreeBSD
Modified 2009-03-03T00:00:00

Description

Secunia reports:

The vulnerability is caused due to an integer overflow error in the processing of CAF description chunks. This can be exploited to cause a heap-based buffer overflow by tricking the user into processing a specially crafted CAF audio file.