CVSS2: 9.3 High

Metric | Value |
---|---|
Access Vector | NETWORK |
Access Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

libsndfile is vulnerable to a heap-based buffer overflow. The flaw stems from incorrect management of the `headindex` and `headend` values while parsing AIFF header values. An attacker can exploit this vulnerability to overwrite heap memory by supplying a malicious AIFF file that manipulates the index values used with `memcpy()`.
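
The invariant the description implies, as an added defensive example (not libsndfile's code and not taken from the original advisory): a simplified header cache that validates `headindex` and `headend` before every `memcpy()` and before every file-driven seek. `hdr_cache`, `hdr_read`, `hdr_skip` and `HDR_CAP` are hypothetical names, and the buffer size is an assumption.

```c
#include <stdio.h>
#include <string.h>
#define HDR_CAP 64 /* assumed cache size, not libsndfile's real value */

/* Simplified model of a header cache. Field names follow the advisory;
 * the layout and every function here are assumptions for illustration. */
typedef struct {
    unsigned char header[HDR_CAP];
    int headindex; /* next byte to consume */
    int headend;   /* count of valid bytes in header[] */
} hdr_cache;

/* Invariant every access relies on: 0 <= headindex <= headend <= HDR_CAP */
static int hdr_valid(const hdr_cache *h)
{
    return h->headindex >= 0 && h->headindex <= h->headend && h->headend <= HDR_CAP;
}

/* Copy count bytes out of the cache. Returns count, or 0 if refused. */
size_t hdr_read(hdr_cache *h, void *dst, size_t dst_cap, size_t count)
{
    if (!hdr_valid(h) || count > dst_cap ||
        count > (size_t)(h->headend - h->headindex))
        return 0; /* refuse rather than copy past the valid data */
    memcpy(dst, h->header + h->headindex, count);
    h->headindex += (int)count;
    return count;
}

/* Relative seek by an offset taken from the file. Returns 0, or -1 if refused. */
int hdr_skip(hdr_cache *h, long offset)
{
    if (!hdr_valid(h))
        return -1;
    /* Compare against the remaining range so the sum cannot overflow. */
    if (offset < -(long)h->headindex || offset > (long)(h->headend - h->headindex))
        return -1;
    h->headindex += (int)offset;
    return 0;
}

int main(void)
{
    hdr_cache h = { .headend = 16 }; /* constructed sample: 16 valid bytes */
    unsigned char out[8];
    printf("read 8: %zu\n", hdr_read(&h, out, sizeof out, 8));
    printf("skip +100: %d\n", hdr_skip(&h, 100));
    return 0;
}
```
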
CPE

Name | Operator | Version |
---|---|---|
libsndfile.so | le | 1.0.25 |

lists.fedoraproject.org/pipermail/package-announce/2015-November/171466.html
lists.fedoraproject.org/pipermail/package-announce/2015-November/172593.html
lists.fedoraproject.org/pipermail/package-announce/2015-November/172607.html
lists.opensuse.org/opensuse-updates/2015-11/msg00077.html
lists.opensuse.org/opensuse-updates/2015-11/msg00145.html
packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html
www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/
www.openwall.com/lists/oss-security/2015/11/03/3
www.openwall.com/lists/oss-security/2015/11/03/7
www.securityfocus.com/bid/77427
www.ubuntu.com/usn/USN-2832-1
security.gentoo.org/glsa/201612-03
www.exploit-db.com/exploits/38447/