Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-6h4m-7f2h-7r2r

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.8

Описание

The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.

The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.

Ссылки

EPSS

Процентиль: 46%
0.00236
Низкий

7.8 High

CVSS3

CVE ID

CVE-2017-16793

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2017-16793

CVSS3: 7.8
ubuntu
около 8 лет назад

The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.

nvd логотип

CVE-2017-16793

CVSS3: 7.8
nvd
около 8 лет назад

The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.

debian логотип

CVE-2017-16793

CVSS3: 7.8
debian
около 8 лет назад

The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not ...

EPSS

Процентиль: 46%
0.00236
Низкий

7.8 High

CVSS3

CVE ID

CVE-2017-16793

Дефекты

CWE-119