CVE-2017-7585

Опубликовано: 24 мар. 2017

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

A buffer overflow flaw was found in the way libsndfile handled FLAC files. This flaw could potentially be used to crash the application using libsndfile by tricking the application into processing specially crafted FLAC files.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libsndfile	Will not fix
Red Hat Enterprise Linux 7	libsndfile	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-121

https://bugzilla.redhat.com/show_bug.cgi?id=1440756libsndfile: Stack-based buffer overflow in flac_buffer_copy()

EPSS

Процентиль: 53%

0.003

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-7585

CVSS3: 5.5

ubuntu

почти 9 лет назад

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

CVE-2017-7585

CVSS3: 5.5

nvd

почти 9 лет назад

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

CVE-2017-7585

CVSS3: 5.5

debian

почти 9 лет назад

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" func ...

GHSA-w427-j9xg-4f6g

CVSS3: 5.5

github

больше 3 лет назад

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

SUSE-SU-2017:1030-1

suse-cvrf

почти 9 лет назад

Security update for libsndfile

EPSS

Процентиль: 53%

0.003

Низкий

3.3 Low

CVSS3