Published: 21/09/2017 Updated: 29/10/2020

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

It exists that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libsndfile project libsndfile 1.0.28
debian debian linux 8.0

Several security issues were fixed in libsndfile ...

Debian Bug report logs - #884735 libsndfile: CVE-2017-17456 CVE-2017-17457 Package: src:libsndfile; Maintainer for src:libsndfile is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 18 Dec 2017 21:15:01 UTC Severity: important Tags: f ...

Debian Bug report logs - #876682 libsndfile: CVE-2017-14245, CVE-2017-14246 Package: libsndfile; Maintainer for libsndfile is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Markus Koschany <apo@debianorg> Date: Sun, 24 Sep 2017 20:12:01 UTC Severity: important Tags: security, upstre ...

An out of bounds read in the function d2alaw_array() in alawc of libsndfile 1028 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values ...

CWE-125 https://github.com/erikd/libsndfile/issues/317 https://lists.debian.org/debian-lts-announce/2018/12/msg00016.html https://usn.ubuntu.com/4013-1/https://security.gentoo.org/glsa/202007-65 https://lists.debian.org/debian-lts-announce/2020/10/msg00030.html https://usn.ubuntu.com/4013-1/https://nvd.nist.gov

CVE-2017-14245

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect