Gentoo Linux Security Advisory GLSA 200904-16 - A buffer overflow vulnerability in libsndfile might allow remote attackers to execute arbitrary code. Alin Rad Pop from Secunia Research reported an integer overflow when processing CAF description chunks, leading to a heap-based buffer overflow. Versions less than 1.0.19 are affected.
3dc433cdfde65f004408d14c8170f98bed06e1fc84969102a136d58c79217126Ubuntu Security Notice USN-749-1 - It was discovered that libsndfile did not correctly handle description chunks in CAF audio files. If a user or automated system were tricked into opening a specially crafted CAF audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program.
044d8cd4689b433bcb2bda5fe39b7eea86415e2189918f2d823ccd627677a476Debian Security Advisory 1742-1 - Alan Rad Pop discovered that libsndfile, a library to read and write sampled audio data, is prone to an integer overflow. This causes a heap-based buffer overflow when processing crafted CAF description chunks possibly leading to arbitrary code execution.
a37ce76a07759aa2c00c1ba6f442f62a8e9d2ce0729a65e12e9c1b573afa3af3Mandriva Linux Security Advisory 2009-067 - Crafted data - channels per frame value - in CAF files enables remote attackers to execute arbitrary code or denial of service via a possible integer overflow, leading to a possible heap overflow. This update provides fix for that vulnerability.
8031a5bfe8aa30d42e54cb560c9c38202cb94aac13227fedd63fe7f980655436Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow error in the libsndfile.dll library while processing CAF description chunks. This can be exploited to cause a heap-based buffer overflow by tricking a user into processing a specially crafted CAF audio file. Successful exploitation may allow execution of arbitrary code. Versions 5.541 and 5.55 of Winamp are affected.
e97f2fe73e532a5dec458183af5d69b27e62e2a71a4a255ef386e4dca35a6f89Secunia Research has discovered a vulnerability in libsndfile, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to an integer overflow error in the processing of CAF description chunks. This can be exploited to cause a heap-based buffer overflow by tricking the user into processing a specially crafted CAF audio file. Successful exploitation may allow execution of arbitrary code. Version 1.0.18 of libsndfile is affected.
b5eb317c23578aec59191a12b52b4f678a3da0e4fb73652dfa8b4375cf3a713a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed