22 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-7805
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file...
RHEL 7 : libsndfile (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libsndfile: Heap overflow vulnerability when parsing specially crafted AIFF header CVE-2015-7805 -...
RHEL 6 : libsndfile (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libsndfile: Heap overflow vulnerability when parsing specially crafted AIFF header CVE-2015-7805 -...
Slackware: Security Advisory (SSA:2016-039-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2021-1890
Software: libsndfile 1.0.25 OS: Cobalt 7.9 CVE-ID: CVE-2014-9756 CVE-Crit: CRITICAL CVE-DESC: The psffwrite function in fileio.c in libsndfile allows attackers to cause a denial of service division-by-zero error and application crash via undefined vectors associated with the headindex variable...
SUSE: Security Advisory (SUSE-SU-2015:1979-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:2000-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libsndfile (EulerOS-SA-2019-1441)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-928-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-928-1 : libsndfile security update
Multiple vulnerabilities were found in libsndfile, a popular library for reading/writing audio files. CVE-2017-7585 In libsndfile before 1.0.28, an error in the 'flacbuffercopy' function flac.c can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. CVE-2017-758...
Fedora 23 : libsndfile (2015-5afed1aad2)
The remote Fedora 23 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2015-5afed1aad2 advisory. libsndfile-1.0.25-17.fc22 - fix CVE-2015-7805: Heap overflow vulnerability when parsing specially crafted AIFF header libsndfile-1.0.25-16.fc21 - fi...
lib32-libsndfile: multiple issues
CVE-2014-9496 unspecified impact The sd2parsersrcfork function in sd2.c in lib32-libsndfile allows attackers to have unspecified impact via vectors related to a 1 map offset or 2 rsrc marker, which triggers an out-of-bounds read. - CVE-2014-9756 denial of service The psffwrite function in...
SUSE SLED12 / SLES12 Security Update : libsndfile (SUSE-SU-2015:2000-2)
The libsndfile package was updated to fix the following security issue : - CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service DoS bsc953521. - CVE-2015-7805: Fixed heap overflow issue bsc953516. - CVE-2015-8075: Fixed heap overflow issue bsc953519. Note that Tenabl...
SUSE-SU-2015:2000-2 Security update for libsndfile
The libsndfile package was updated to fix the following security issue: - CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service DoS bsc953521. - CVE-2015-7805: Fixed heap overflow issue bsc953516. - CVE-2015-8075: Fixed heap overflow issue bsc953519...
USN-2832-1: libsndfile vulnerabilities
It was discovered that libsndfile incorrectly handled memory when parsing malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2014-9496 Joshua Rogers discovere...
Debian DLA-356-1 : libsndfile security update
CVE-2014-9496 The sd2parsersrcfork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a 1 map offset or 2 rsrc marker, which triggers an out-of-bounds read. CVE-2014-9756 The psffwrite function in fileio.c in libsndfile allows attackers to cause a...
openSUSE Security Update : libsndfile (openSUSE-2015-820)
The libsndfile package was updated to fix the following security issue : - CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service DoS bsc953521. - CVE-2015-7805: Fixed heap overflow issue bsc953516. - CVE-2015-8075: Fixed heap overflow issue bsc953519. %NASLMINLEVEL...
Mageia: Security Advisory (MGASA-2015-0455)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-7805
CVE-2015-7805 is a heap-based buffer overflow in libsndfile 1.0.25 triggered by the AIFF header field headindex, leading to a remote impact described as unspecified in the sources. The vulnerability affects the libsndfile library used for reading/writing audio files, with public disclosures tied ...
openSUSE Security Update : libsndfile (openSUSE-2015-742)
The libsndfile package was updated to fix three security issues : - CVE-2015-7805: fix for heap overflow via specially crafted AIFF header bsc953516 - CVE-2015-8075: fix for out of bounds read access in function psfstrlcpycrlf bsc953519 - CVE-2014-9756: fix a divide-by-zero issue that can lead to...