Mega-Nerd: >> Libsndfile >> 1.0.0 Security Vulnerabilities
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
CVSS Score
6.8
EPSS Score
0.07
Published
2011-07-27
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
CVSS Score
9.3
EPSS Score
0.042
Published
2009-03-05
Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.
CVSS Score
7.5
EPSS Score
0.064
Published
2007-09-19