Описание
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility.
SoundStretch command-line utility packaged with SoundTouch library is vulnerable to heap-based buffer overflow in WavFile.cpp:WavInFile::readHeaderBlock() function that can lead to arbitrary code execution when processing untrusted file input.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | soundtouch | Will not fix | ||
| Red Hat Enterprise Linux 8 | soundtouch | Will not fix |
Показывать по
Дополнительная информация
Статус:
4.2 Medium
CVSS3
Связанные уязвимости
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility.
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility.
soundtouch version up to and including 2.0.0 contains a Buffer Overflo ...
4.2 Medium
CVSS3