Описание
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large chunk size in a WAV file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| snack | fixed | 2.2.10-dfsg1-12.1 | package | |
| snack | fixed | 2.2.10-dfsg1-9+squeeze1 | squeeze | package |
| wavesurfer | not-affected | package |
Примечания
http://secunia.com/advisories/49889/
https://www.openwall.com/lists/oss-security/2012/12/10/2
EPSS
Связанные уязвимости
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large chunk size in a WAV file.
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large chunk size in a WAV file.
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large chunk size in a WAV file.
EPSS