28 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-17095
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in mpruett Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in...
RHEL 6 : audiofile (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - audiofile: Heap-based buffer overflow in Expand3To4Module::run when running sfconvert CVE-2018-17095 -...
USN-6558-1: audiofile vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could...
USN-6558-1: audiofile vulnerabilities
It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...
Mageia: Security Advisory (MGASA-2018-0441)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3506-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: audiofile
Issue Overview: The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert. CVE-2018-13440 An issue has been discovered in...
CentOS 7 : audiofile (RHSA-2020:3877)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3877 advisory. - The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker ...
audiofile security update
1:0.3.6-9 - Apply security patches. CVE-2018-17095, CVE-2018-13440 - Resolves: rhbz1600369, rhbz1601014, rhbz1637128 1:0.3.6-8 - Escape macros in %changelog 1:0.3.6-7 - Merge upstream pull requests 42,43,44 from Agostino Sarubbo to fix security issues. CVE-2017-6827, CVE-2017-6828, CVE-2017-6829,...
Huawei EulerOS: Security Advisory for audiofile (EulerOS-SA-2020-1835)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : audiofile (EulerOS-SA-2020-1835)
According to the version of the audiofile package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In mpruett audio files aka audio file 0.3.6 discovered a problem.When run sfconvert in Expand3To4Module: : heap-based buffer overflow happened in...
openSUSE Security Update : audiofile (openSUSE-2019-879)
This update for audiofile fixes the following issues : - CVE-2018-17095: A heap-based buffer overflow in Expand3To4Module::run could occurred when running sfconvert leading to crashes or code execution when handling untrusted soundfiles bsc1111586. This update was imported from the...
Fedora 29 : 1:audiofile (2018-3058a87e60)
Fixes for CVE-2018-13440 and CVE-2018-17095. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 28 : 1:audiofile (2018-41626fa774)
Fixes for CVE-2018-13440 and CVE-2018-17095. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
SUSE SLED15 / SLES15 Security Update : audiofile (SUSE-SU-2018:3506-1)
This update for audiofile fixes the following issues : CVE-2018-17095: A heap-based buffer overflow in Expand3To4Module::run could occurred when running sfconvert leading to crashes or code execution when handling untrusted soundfiles bsc1111586. Note that Tenable Network Security has extracted t...
openSUSE Security Update : audiofile (openSUSE-2018-1375)
This update for audiofile fixes the following issues : - CVE-2018-17095: A heap-based buffer overflow in Expand3To4Module::run could occurred when running sfconvert leading to crashes or code execution when handling untrusted soundfiles bsc1111586. This update was imported from the...
openSUSE: Security Advisory for audiofile (openSUSE-SU-2018:3694-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED12 / SLES12 Security Update : audiofile (SUSE-SU-2018:3588-1)
This update for audiofile fixes the following issues : CVE-2018-17095: A heap-based buffer overflow in Expand3To4Module::run could occurred when running sfconvert leading to crashes or code execution when handling untrusted soundfiles bsc1111586. Note that Tenable Network Security has extracted t...
USN-3800-1: audiofile vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that audiofile incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-13440 It was discovered that audiofile incorrectly...
openSUSE Security Update : audiofile (openSUSE-2018-1325)
This update for audiofile fixes the following issues : - CVE-2018-17095: A heap-based buffer overflow in Expand3To4Module::run could occurred when running sfconvert leading to crashes or code execution when handling untrusted soundfiles bsc1111586. This update was imported from the...