4 matches found
CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...
Apple macOS AudioToolboxCore Wave Header Parsing Sign Extension Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the AudioToolbox library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
PT-2019-5891 · Unknown +2 · Libsndfile +2
Name of the Vulnerable Software and Affected Versions: Libsndfile affected versions not specified Description: The issue is related to a read beyond the limits of a buffer in the wav write header function in wav.c. This can be exploited by a local attacker to make the application crash, resulting...
DEBIAN-CVE-2017-8419
LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service stack-based buffer overflow or heap-based buffer overflow or possibly have unspecified other impact via a crafted file, as demonstrated by...