Lucene search

Audio File Library Security Vulnerabilities

cve

CVE-2015-7747

Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c.

8.8CVSS

8.9AI Score

0.015EPSS

2020-02-19 09:15 PM

cve

CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.

6.5CVSS

6.7AI Score

0.001EPSS

2018-07-08 04:29 PM

115

cve

CVE-2018-17095

An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.

8.8CVSS

8.7AI Score

0.007EPSS

2018-09-16 09:29 PM

cve

CVE-2019-13147

In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.

6.5CVSS

6AI Score

0.001EPSS

2019-07-02 12:15 AM

129

cve

CVE-2022-24599

In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes ...

6.5CVSS

5.9AI Score

0.003EPSS

2022-02-24 03:15 PM