Zurück zur CVE-Übersicht
CVE-2017-8365
MEDIUM(4.3)AV:N/AC:M/Au:N/C:N/I:N/A:P
Risk Signal Score12/100 — NIEDRIG
- CVSS 4.3 — Mittel
EPSS-Score
3%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
4.3
Technische Schwere
Beschreibung
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
Referenzen
- https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2l...
- https://lists.debian.org/debian-lts-announce/2018/12/msg00016.html
- https://security.gentoo.org/glsa/201811-23
- https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2l...
- https://lists.debian.org/debian-lts-announce/2018/12/msg00016.html
- https://security.gentoo.org/glsa/201811-23