Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2017-14634

Published: 21/09/2017 Updated: 29/10/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Libsndfile Project

Vulnerability Summary

It exists that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

libsndfile project libsndfile 1.0.28

debian debian linux 8.0

Vendor Advisories

Ubuntu Security Notice: libsndfile vulnerabilities
Several security issues were fixed in libsndfile ...
Debian CVElist Bug Report Logs: libsndfile: CVE-2018-19758: heap-buffer-overflow in wav_write_header
Debian Bug report logs - #917416 libsndfile: CVE-2018-19758: heap-buffer-overflow in wav_write_header Package: src:libsndfile; Maintainer for src:libsndfile is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 27 Dec 2018 14:57:02 UTC ...
Debian CVElist Bug Report Logs: libsndfile: CVE-2017-17456 CVE-2017-17457
Debian Bug report logs - #884735 libsndfile: CVE-2017-17456 CVE-2017-17457 Package: src:libsndfile; Maintainer for src:libsndfile is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 18 Dec 2017 21:15:01 UTC Severity: important Tags: f ...
Debian CVElist Bug Report Logs: libsndfile: CVE-2017-14634
Debian Bug report logs - #876783 libsndfile: CVE-2017-14634 Package: src:libsndfile; Maintainer for src:libsndfile is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 25 Sep 2017 20:27:01 UTC Severity: normal Tags: fixed-upstream, sec ...
Red Hat: CVE-2017-14634
In libsndfile 1028, a divide-by-zero error exists in the function double64_init() in double64c, which may lead to DoS when playing a crafted audio file ...
Arch Linux Issues:
In libsndfile 1028, a divide-by-zero error exists in the function double64_init() in double64c, which may lead to DoS when playing a crafted audio file ...

References

CWE-369https://github.com/erikd/libsndfile/issues/318https://security.gentoo.org/glsa/201811-23https://lists.debian.org/debian-lts-announce/2018/12/msg00016.htmlhttps://usn.ubuntu.com/4013-1/https://lists.debian.org/debian-lts-announce/2020/10/msg00030.htmlhttps://usn.ubuntu.com/4013-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook