1320 matches found

Tenable Nessus
added 2018/06/19 12:0 a.m. · 25 views

openSUSE Security Update : aubio (openSUSE-2018-651)

This update for aubio fixes the following security issue: CVE-2017-17554: Prevent NULL pointer dereference in the function aubiosourceavcodecreadframe which may have led to DoS when playing a crafted audio file bsc1072317. C Tenable Network Security, Inc. The descriptive...

CVSS 5.5 · AI score 6.2 · EPSS 0.00286
Exploits 0 · References 2
Positive Technologies
added 2018/06/06 12:0 a.m. · 2 views

PT-2020-15266 · Stepmania Team +2 · Stepmania +2

Name of the Vulnerable Software and Affected Versions: libvorbis versions prior to 1.3.6 StepMania version 5.0.12 Description: The issue is related to insufficient array bounds checking in libvorbis, which can be exploited via a crafted OGG file. This affects products using libvorbis, including...

CVSS 9.8 · AI score 5.5 · EPSS 0.06507
Exploits 4 · References 12
Snyk
added 2018/05/30 1:29 p.m. · 2 views

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read. The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file. Remediation: There is no fix...

CVSS 6.5 · AI score 6.6 · EPSS 0.00689
Exploits 1 · References 2
OSV
added 2018/05/30 1:29 p.m. · 0 views

UBUNTU-CVE-2018-11439

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file...

CVSS 6.5 · AI score 6.3 · EPSS 0.00689
Exploits 1 · References 3
UbuntuCve
added 2018/05/30 1:29 p.m. · 22 views

CVE-2018-11439

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file...

CVSS 6.5 · AI score 6.3 · EPSS 0.00689
Exploits 1 · References 2
CVE
added 2018/05/30 1:0 p.m. · 180 views

CVE-2018-11439

CVE-2018-11439 affects TagLib 1.11.1’s Ogg FLAC scanning code (TagLib::Ogg::FLAC::File::scan in oggflacfile.cpp). The vulnerability is a heap-based buffer over-read exposed by processing a crafted audio file, leading to information disclosure. Public‑facing references in connected documents indic...

CVSS 6.5 · AI score 6.2 · EPSS 0.00689
Exploits 1 · References 3 · Affected Software 1
AlpineLinux
added 2018/05/30 1:0 p.m. · 34 views

CVE-2018-11439

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file...

CVSS 6.5 · AI score 6.6 · EPSS 0.00689
Exploits 1
FreeBSD
added 2018/05/28 12:0 a.m. · 33 views

taglib -- heap-based buffer over-read via a crafted audio file

Webin security lab - dbapp security Ltd reports: The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file...

CVSS 6.5 · AI score 5.1 · EPSS 0.00689
Exploits 1 · References 1
Veracode
added 2018/05/25 8:47 a.m. · 16 views

Denial Of Service (DoS)

libsamplerate.so is vulnerable to denial of service (DoS) attacks. A malicious user can pass an audio file to the calcoutputsingle function in srcsinc.c to cause a buffer over-read that can crash the application...

CVSS 5.5 · AI score 5.5 · EPSS 0.00223
Exploits 0 · References 3 · Affected Software 2
Tenable Nessus
added 2018/05/21 12:0 a.m. · 34 views

Debian DLA-1380-1 : libmad security update

Several vulnerabilities were discovered in MAD, an MPEG audio decoder library, which could result in denial of service if a malformed audio file is processed. For Debian 7 'Wheezy', these problems have been fixed in version 0.15.1b-7+deb7u1. We recommend that you upgrade your libmad packages. NOT...

CVSS 7.8 · AI score 6.4 · EPSS 0.00381
Exploits 3 · References 5
Mageia
added 2018/05/16 8:24 a.m. · 40 views

Updated libsndfile packages fix security vulnerabilities

An out of bounds read in the function d2alawarray in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values CVE-2017-14245. An out of bounds read in the function d2ulawarray in ulaw.c of libsndfil...

CVSS 8.1 · AI score 2.5 · EPSS 0.01154
Exploits 0 · References 2
CNVD
added 2018/05/07 12:0 a.m. · 2 views

mp3gain Denial of Service Vulnerability

mp3gain is a volume adjustment application for MP3 files. A security vulnerability exists in the 'IIIdequantizesample' function in the mpglibDBL/layer3.c file in mp3gain 1.5.2-r2 and earlier versions, which stems from a read access privilege conflict in the program. A remote attacker could exploi...

CVSS 7.8 · AI score 6.7 · EPSS 0.00275
Exploits 0 · References 1
Tenable Nessus
added 2018/05/07 12:0 a.m. · 28 views

Debian DSA-4192-1 : libmad - security update

Several vulnerabilities were discovered in MAD, an MPEG audio decoder library, which could result in denial of service if a malformed audio file is processed. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

CVSS 7.8 · AI score 6.3 · EPSS 0.00381
Exploits 3 · References 7
OpenVAS
added 2018/05/03 12:0 a.m. · 39 views

Debian: Security Advisory (DSA-4192-1)

The remote host is missing an update for the Debian...

CVSS 7.8 · AI score 6.2 · EPSS 0.00381
Exploits 3 · References 4
OSV
added 2018/04/30 7:8 p.m. · 6 views

MGASA-2018-0211 Updated sox packages fix security vulnerabilities

This update for sox fixes the following security issues: CVE-2017-11332: Fixed the startread function in wav.c, which allowed remote attackers to cause a DoS divide-by-zero via a crafted wav file. CVE-2017-11358: Fixed the readsamples function in hcom.c, which allowed remote attackers to cause a...

CVSS 7.5 · AI score 6 · EPSS 0.05714
Exploits 8 · References 2
Veracode
added 2018/04/30 8:6 a.m. · 25 views

Out-of-bounds Read

libvorbis.so is vulnerable to out-of-bounds read. The user can trigger the attack by sending a malicious audio file to mapping0forward function in mapping0.c...

CVSS 6.5 · AI score 7.2 · EPSS 0.01007
Exploits 0 · References 8 · Affected Software 2
Veracode
added 2018/04/25 9:40 a.m. · 22 views

Denial Of Service (DoS) Through Out-of-Bounds Write

libvorbis.so is vulnerable to out-of-bounds write. A malicious user can pass an audio file that when processed causes an out-of-bounds write that can lead to arbitrary code execution or to the application crashing...

CVSS 8.8 · AI score 8.6 · EPSS 0.55641
Exploits 0 · References 22 · Affected Software 1
OSV
added 2018/04/03 6:29 a.m. · 0 views

CVE-2018-4094

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of...

CVSS 7.8 · AI score 7.6 · EPSS 0.00516
Exploits 0 · References 7
OSV
added 2018/03/23 7:29 p.m. · 2 views

CVE-2017-18245

The mpc8probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted audio file...

CVSS 6.5 · AI score 6 · EPSS 0.0065
Exploits 0 · References 2
Prion
added 2018/03/23 7:29 p.m. · 13 views

Heap overflow

The mpc8probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted audio file...

CVSS 4.3 · AI score 6.3 · EPSS 0.0065
Exploits 0 · References 2 · Affected Software 1