CVE-2018-19758

Published: 30/11/2018 Updated: 29/10/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code.

Vulnerable Product

libsndfile project libsndfile 1.0.28

debian debian linux 8.0

Vendor Advisories

Several security issues were fixed in libsndfile ...
Debian Bug report logs - #917416 libsndfile: CVE-2018-19758: heap-buffer-overflow in wav_write_header Package: src:libsndfile; Maintainer for src:libsndfile is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Thu, 27 Dec 2018 14:57:02 UTC ...
Debian Bug report logs - #922372 libsndfile: CVE-2019-3832: incomplete fix for CVE-2018-19758 still allow to read beyond buffer limits Package: src:libsndfile; Maintainer for src:libsndfile is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date ...
Debian Bug report logs - #884735 libsndfile: CVE-2017-17456 CVE-2017-17457 Package: src:libsndfile; Maintainer for src:libsndfile is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Mon, 18 Dec 2017 21:15:01 UTC Severity: important Tags: f ...
Debian Bug report logs - #876783 libsndfile: CVE-2017-14634 Package: src:libsndfile; Maintainer for src:libsndfile is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Mon, 25 Sep 2017 20:27:01 UTC Severity: normal Tags: fixed-upstream, sec ...
There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service ...