UbuntuUSN-749-1libsndfile vulnerability
6.5 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.41 Medium
EPSS
Percentile
97.3%
Releases
- Ubuntu 8.10
- Ubuntu 8.04
- Ubuntu 7.10
- Ubuntu 6.06
Packages
- libsndfile -
Details
It was discovered that libsndfile did not correctly handle description
chunks in CAF audio files. If a user or automated system were tricked into
opening a specially crafted CAF audio file, an attacker could execute
arbitrary code with the privileges of the user invoking the program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.10 | noarch | libsndfile1 | <Β 1.0.17-4ubuntu0.8.10.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libsndfile1 | <Β dev-1.0.17-4ubuntu0.8.10.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | sndfile-programs | <Β 1.0.17-4ubuntu0.8.10.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libsndfile1 | <Β 1.0.17-4ubuntu0.8.04.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libsndfile1-dev | <Β 1.0.17-4ubuntu0.8.04.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | sndfile-programs | <Β 1.0.17-4ubuntu0.8.04.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | libsndfile1 | <Β 1.0.17-4ubuntu0.7.10.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | libsndfile1-dev | <Β 1.0.17-4ubuntu0.7.10.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | sndfile-programs | <Β 1.0.17-4ubuntu0.7.10.1 | UNKNOWN |
| Ubuntu | 6.06 | noarch | libsndfile1 | <Β 1.0.12-3ubuntu1.1 | UNKNOWN |
References
Related
6.5 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.41 Medium
EPSS
Percentile
97.3%