RHEL 6 / 7 : firefox (RHSA-2018:0549)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:0549 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to...

OPENSUSE-SU-2018:0543-1 Security update for lame

This update for lame fixes the following issues: Lame was updated to version 3.100: Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection New switch --gain , range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the use of...

OPENSUSE-SU-2018:0544-1 Security update for lame

This update for lame fixes the following issues: Lame was updated to version 3.100: Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection New switch --gain , range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the use of...

About the security content of tvOS 11.2.5

About the security content of tvOS 11.2.5 This document describes the security content of tvOS 11.2.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

CVE-2017-15046

LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpackreadsamples in frontend/getaudio.c, a different vulnerability than CVE-2017-9412...

SoundTouch 1.9.2 - Multiple Vulnerabilities

Exploit for linux platform in category dos / poc SoundTouch multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= SoundTouch is an open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or audio files...

SoundTouch 1.9.2 - Multiple Vulnerabilities

SoundTouch multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= SoundTouch is an open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or audio files. The library additionally supports estimating...

UBUNTU-CVE-2017-8374

The madbitskip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...

About the security content of iOS 10.2

About the security content of iOS 10.2 This document describes the security content of iOS 10.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recen...

CVE-2016-4646

Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service out-of-bounds read via a crafted audio file...

audiofile memory corruption

Crash on audiofiles processing...

Mozilla Firefox Audio Processing Memory Misreference Vulnerability

Mozilla Firefox is an open source WEB browser. A memory misreference vulnerability in Mozilla Firefox MediaStream playback when processing audio via the Web Audio API allows remote attackers to construct a malicious web page and trick users into parsing it, which could crash the application or...

flac: Buffer read overflow when processing ID3V2 metadata

A buffer over-read flaw was found in the way flac processed certain ID3v2 metadata. An attacker could create a specially crafted FLAC audio file that could cause an application using the flac library to crash when the file was read...

Scientific Linux Security Update : flac on SL5.x, SL4.x i386/x86_64

A security flaw was found in the way flac processed audio data. An attacker could create a carefully crafted FLAC audio file in such a way that it could cause an application linked with flac libraries to crash or execute arbitrary code when it was opened. CVE-2007-4619 This update actually went o...

Mandriva Update for flac MDKSA-2007:214 (flac)

Check for the Version of flac OpenVAS Vulnerability Test Mandriva Update for flac MDKSA-2007:214 flac Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for flac MDKSA-2007:214 (flac)

Check for the Version of flac OpenVAS Vulnerability Test Mandriva Update for flac MDKSA-2007:214 flac Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

FreeBSD : libvorbis -- various security issues (f5a76faf-244c-11dd-b143-0211d880e350)

Red Hat reports : Will Drewry of the Google Security Team reported several flaws in the way libvorbis processed audio data. An attacker could create a carefully crafted Vorbis audio file in such a way that it could cause an application linked with libvorbis to crash, or execute arbitrary code whe...

Fedora 9 : libvorbis-1.2.0-4.fc9 (2008-3910)

Will Drewry of the Google Security Team reported several flaws in the way libvorbis processed audio data. An attacker could create a carefully crafted OGG audio file in such a way that it could cause an application linked with libvorbis to crash, or execute arbitrary code when it was opened...

Fedora 7 : libvorbis-1.1.2-4.fc7 (2008-3898)

Will Drewry of the Google Security Team reported several flaws in the way libvorbis processed audio data. An attacker could create a carefully crafted OGG audio file in such a way that it could cause an application linked with libvorbis to crash, or execute arbitrary code when it was opened...

libvorbis -- various security issues

Red Hat reports: Will Drewry of the Google Security Team reported several flaws in the way libvorbis processed audio data. An attacker could create a carefully crafted Vorbis audio file in such a way that it could cause an application linked with libvorbis to crash, or execute arbitrary code when...