Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-16793

Опубликовано: 12 нояб. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 7.8

Описание

The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

DNE

disco

ignored

end of life
eoan

DNE

esm-apps/bionic

needed

esm-apps/xenial

needed

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
esm-infra/focal

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 46%
0.00236
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-16793

CVSS3: 7.8
nvd
около 8 лет назад

The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.

debian логотип

CVE-2017-16793

CVSS3: 7.8
debian
около 8 лет назад

The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not ...

github логотип

GHSA-6h4m-7f2h-7r2r

CVSS3: 7.8
github
больше 3 лет назад

The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.

EPSS

Процентиль: 46%
0.00236
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3