CVE-2017-6829

Опубликовано: 20 мар. 2017

Источник: debian

EPSS Низкий

Описание

The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
audiofile	fixed	0.3.6-4		package

Примечания

https://github.com/mpruett/audiofile/issues/33
https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp
https://github.com/mpruett/audiofile/pull/43/commits/25eb00ce913452c2e614548d7df93070bf0d066f

EPSS

Процентиль: 89%

0.04576

Низкий

Связанные уязвимости

CVE-2017-6829

CVSS3: 5.5

ubuntu

почти 9 лет назад

The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

CVE-2017-6829

CVSS3: 3.3

redhat

почти 9 лет назад

The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

CVE-2017-6829

CVSS3: 5.5

nvd

почти 9 лет назад

The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

CVE-2017-6829

CVSS3: 5.5

msrc

4 месяца назад

The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

GHSA-4346-2577-gf85

CVSS3: 5.5

github

больше 3 лет назад

The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

EPSS

Процентиль: 89%

0.04576

Низкий