19 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-16942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libsndfile 1.0.25 fixed in 1.0.26, a divide-by-zero error exists in the function wavw64readfmtchunk in wavw64.c, which may lead to DoS when playing a crafted...
Mageia: Security Advisory (MGASA-2018-0236)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2021-1890
Software: libsndfile 1.0.25 OS: Cobalt 7.9 CVE-ID: CVE-2014-9756 CVE-Crit: CRITICAL CVE-DESC: The psffwrite function in fileio.c in libsndfile allows attackers to cause a denial of service division-by-zero error and application crash via undefined vectors associated with the headindex variable...
SUSE: Security Advisory (SUSE-SU-2018:0351-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0352-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS : libsndfile vulnerabilities (USN-4704-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4704-1 advisory. It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash,...
Ubuntu: Security Advisory (USN-4704-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4704-1: libsndfile vulnerabilities
It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-12562 It was discovered that libsndfile incorrectly handled certain...
Huawei EulerOS: Security Advisory for libsndfile (EulerOS-SA-2019-2616)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libsndfile (EulerOS-SA-2019-2513)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : libsndfile (EulerOS-SA-2019-2616)
According to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The psffwrite function in fileio.c in libsndfile allows attackers to cause a denial of service divide-by-zero error and application crash via...
EulerOS 2.0 SP2 : libsndfile (EulerOS-SA-2019-2513)
According to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libsndfile before 1.0.28, an error in the 'headerread' function common.c when handling ID3 tags can be exploited to cause a stack-based...
Updated libsndfile packages fix security vulnerabilities
An out of bounds read in the function d2alawarray in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values CVE-2017-14245. An out of bounds read in the function d2ulawarray in ulaw.c of libsndfil...
openSUSE Security Update : libsndfile (openSUSE-2018-140)
This update for libsndfile fixes the following issues : - CVE-2017-16942: Divide-by-zero in the function wavw64readfmtchunk, which may lead to Denial of service bsc1069874. - CVE-2017-6892: Fixed an out-of-bounds read memory access in the aiffreadchanmap bsc1043978. - CVE-2017-14634: In libsndfil...
SUSE SLED12 / SLES12 Security Update : libsndfile (SUSE-SU-2018:0352-1)
This update for libsndfile fixes the following issues : - CVE-2017-16942: Divide-by-zero in the function wavw64readfmtchunk, which may lead to Denial of service bsc1069874. - CVE-2017-6892: Fixed an out-of-bounds read memory access in the aiffreadchanmap bsc1043978. - CVE-2017-14634: In libsndfil...
SUSE SLES11 Security Update : Recommended update for libsndfile (SUSE-SU-2018:0351-1)
This update for libsndfile fixes a memory leak in an error path.bsc1038856 - CVE-2017-16942: A divide-by-zero error exists in the function wavw64readfmtchunk in wavw64.c, which may lead to DoS when playing a crafted audio file. bsc1069874 - CVE-2017-14634: In libsndfile 1.0.28, a divide-by-zero...
CVE-2017-16942
In libsndfile 1.0.25 fixed in 1.0.26, a divide-by-zero error exists in the function wavw64readfmtchunk in wavw64.c, which may lead to DoS when playing a crafted audio file...
CVE-2017-16942
CVE-2017-16942 affects libsndfile up to version 1.0.25; fixed in 1.0.26. The issue is a divide-by-zero in wav_w64_read_fmt_chunk() (wav_w64.c) that may cause a DoS when opening or playing a crafted WAV/W64 file. The vulnerability is triggered during format chunk parsing and can crash the applicat...
CVE-2017-16942
In libsndfile 1.0.25 fixed in 1.0.26, a divide-by-zero error exists in the function wavw64readfmtchunk in wavw64.c, which may lead to DoS when playing a crafted audio file...