SUSE CVE-2009-1791

Heap-based buffer overflow in aiffreadheader in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via an AIFF file with an invalid header value...

SUSE CVE-2015-7805

Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file...

SUSE CVE-2017-8419

LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service stack-based buffer overflow or heap-based buffer overflow or possibly have unspecified other impact via a crafted file, as demonstrated by...

Heap-based Buffer Overflow

libsndfile is vulnerable to heap-based buffer overflow. This is due to the wrong management of the headindex and headend values while parsing AIFF header values. An attacker is able to exploit this vulnerability to overwrite memory heap by manipulating index values to use memcpy via a malicious...

Heap overflow

LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service stack-based buffer overflow or heap-based buffer overflow or possibly have unspecified other impact via a crafted file, as demonstrated by...

UBUNTU-CVE-2017-8419

LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service stack-based buffer overflow or heap-based buffer overflow or possibly have unspecified other impact via a crafted file, as demonstrated by...

Mageia: Security Advisory (MGASA-2015-0455)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2015-0455 Updated libsndfile packages fix security vulnerability

Due to a heap overflow in libsndfile, a specially crafted AIFF header can manage index values in order to use memcpy to overwrite memory the heap CVE-2015-7805...

Updated libsndfile packages fix security vulnerability

Due to a heap overflow in libsndfile, a specially crafted AIFF header can manage index values in order to use memcpy to overwrite memory the heap CVE-2015-7805...

libsndfile heap buffer overflow vulnerability

libsndfile is a C library developed by software developer Erik de Castro Lopo that reads and writes audio files in AIFF, AU, and WAV formats through standard interfaces. A heap buffer overflow vulnerability exists in libsndfile version 1.0.25. A remote attacker can exploit the vulnerability by...

DEBIAN-CVE-2015-7805

Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file...

libsndfile 1.0.25 - Local Heap Overflow

!/usr/bin/env perl Exploit Title: libsndfile SWF/Audio play - pulseaudio - libsndfile ?? not tested - Email attachment - TCP socket connection for audio server only - File upload ex. server side audio file manipulation, interactive voice responder - etc...

libsndfile 1.0.25 Heap Overflow

!/usr/bin/env perl Author: Marco Romano @nemux - 07 Oct 2015 PoC for libsndfile SWF/Audio play - pulseaudio - libsndfile ?? not tested - Email attachment - TCP socket connection for audio server only - File upload ex. server side audio file manipulation, interactive voice responder - etc...

DEBIAN-CVE-2009-1791

Heap-based buffer overflow in aiffreadheader in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via an AIFF file with an invalid header value...