Zurück zur CVE-Übersicht
CVE-2017-8362
MEDIUM(4.3)AV:N/AC:M/Au:N/C:N/I:N/A:P
Risk Signal Score12/100 — NIEDRIG
- CVSS 4.3 — Mittel
EPSS-Score
3%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
4.3
Technische Schwere
Beschreibung
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.
Referenzen
- https://blogs.gentoo.org/ago/2017/04/29/libsndfile-invalid-memory-read-in-flac_b...
- https://lists.debian.org/debian-lts-announce/2018/12/msg00016.html
- https://security.gentoo.org/glsa/201811-23
- https://blogs.gentoo.org/ago/2017/04/29/libsndfile-invalid-memory-read-in-flac_b...
- https://lists.debian.org/debian-lts-announce/2018/12/msg00016.html
- https://security.gentoo.org/glsa/201811-23