7.8 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.062 Low
EPSS
Percentile
93.5%
Tobias Klein discovered a heap-based buffer overflow in libsndfile. If a
user or automated system processed a crafted VOC file, an attacker could
cause a denial of service via application crash, or possibly execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2009-1788)
Erik de Castro Lopo discovered a similar heap-based buffer overflow when
processing AIFF files. If a user or automated system processed a crafted
AIFF file, an attacker could cause a denial of service via application
crash, or possibly execute arbitrary code with the privileges of the user
invoking the program. (CVE-2009-1791)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 9.04 | noarch | libsndfile1 | <Â 1.0.17-4ubuntu1.1 | UNKNOWN |
Ubuntu | 9.04 | noarch | libsndfile1-dev | <Â 1.0.17-4ubuntu1.1 | UNKNOWN |
Ubuntu | 9.04 | noarch | sndfile-programs | <Â 1.0.17-4ubuntu1.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libsndfile1 | <Â 1.0.17-4ubuntu0.8.10.2 | UNKNOWN |
Ubuntu | 8.10 | noarch | libsndfile1-dev | <Â 1.0.17-4ubuntu0.8.10.2 | UNKNOWN |
Ubuntu | 8.10 | noarch | sndfile-programs | <Â 1.0.17-4ubuntu0.8.10.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | libsndfile1 | <Â 1.0.17-4ubuntu0.8.04.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | libsndfile1-dev | <Â 1.0.17-4ubuntu0.8.04.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | sndfile-programs | <Â 1.0.17-4ubuntu0.8.04.2 | UNKNOWN |