Buffer overflow in Mega-nerd Libsndfile

CVE-2011-2696

Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.

Vulnerability class: Buffer Overflow

EPSS: 0.089 (92.7th percentile) — read the EPSS interpretation.

Affected products

Mega-nerd Libsndfile — versions 0.0.8, 0.0.28, 1.0.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

48644 (vdb-entry, x_refsource_BID)
RHSA-2011:1084 (x_refsource_REDHAT, vendor-advisory)
[oss-security] 20110715 Re: Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files (mailing-list, x_refsource_MLIST)
secalert@redhat.com (x_refsource_CONFIRM)
DSA-2288 (vendor-advisory, x_refsource_DEBIAN)
FEDORA-2011-9325 (x_refsource_FEDORA, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM)
45351 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
[oss-security] 20110715 Re: Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files (mailing-list, x_refsource_MLIST)
[oss-security] 20110714 Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files (mailing-list, x_refsource_MLIST)