Download
| Alert*
oval:org.secpod.oval:def:52849
audiofile: Open-source version of the SGI audiofile library audiofile could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:602826 Several vulnerabilities have been discovered in the audiofile library, which may result in denial of service or the execution of arbitrary code if a malformed audio file is processed. oval:org.secpod.oval:def:703532 audiofile: Open-source version of the SGI audiofile library audiofile could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:89044753 This audiofile update fixes the following issue: Security issues fixed: - CVE-2015-7747: Fixed buffer overflow issue when changing both number of channels and sample format. - CVE-2017-6827: heap-based buffer overflow in MSADPCM::initializeCoefficients - CVE-2017-6828: heap-based buffer overflow ... oval:org.secpod.oval:def:89044803 This update for audiofile fixes the following issues: Security issues fixed: - CVE-2017-6827: heap-based buffer overflow in MSADPCM::initializeCoefficients - CVE-2017-6828: heap-based buffer overflow in readValue - CVE-2017-6829: global buffer overflow in decodeSample - CVE-2017-6830: heap-bas ... |