Published: 21/06/2017 Updated: 05/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The wav_open_read function in frontend/input.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote malicious users to cause a denial of service (large loop) via a crafted wav file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
audiocoding freeware advanced audio coder 1.28

Debian Bug report logs - #865909 faac: CVE-2017-9129 CVE-2017-9130 Package: src:faac; Maintainer for src:faac is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 25 Jun 2017 19:18:02 UTC Severity: important Tags: fixed-upstream, patch ...

Freeware Advanced Audio Coder (FAAC) multiple vulnerabilities ================ Author : qflbwu =============== Introduction: ============= FAAC is an encoder for a lossy sound compression scheme specified in MPEG-2 Part 7 and MPEG-4 Part 3 standards and known as Advanced Audio Coding (AAC) This encoder is useful for producing files that can be ...

Freeware Advanced Audio Coder (FAAC) version 128 suffers from multiple denial of service vulnerabilities ...

CWE-400 https://www.exploit-db.com/exploits/42207/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865909 https://nvd.nist.gov https://www.exploit-db.com/exploits/42207/

CVE-2017-9129

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect