CVE-2017-7586

Опубликовано: 07 апр. 2017

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4.3

CVSS3: 5.5

Описание

In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

Релиз	Статус	Примечание
devel	not-affected	1.0.27-3
esm-infra-legacy/trusty	released	1.0.25-7ubuntu2.2
esm-infra/xenial	released	1.0.25-10ubuntu0.16.04.1
precise	ignored	end of life
precise/esm	DNE	precise was needed
trusty	released	1.0.25-7ubuntu2.2
trusty/esm	released	1.0.25-7ubuntu2.2
upstream	released	1.0.27-2
vivid/stable-phone-overlay	ignored	end of life
vivid/ubuntu-core	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 54%

0.00318

Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2017-7586

CVSS3: 3.3

redhat

почти 9 лет назад

In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

CVE-2017-7586

CVSS3: 5.5

nvd

почти 9 лет назад

In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

CVE-2017-7586

CVSS3: 5.5

debian

почти 9 лет назад

In libsndfile before 1.0.28, an error in the "header_read()" function ...

GHSA-5jpx-m5hp-3gpv

CVSS3: 5.5

github

больше 3 лет назад

In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

openSUSE-SU-2017:1107-1

suse-cvrf

почти 9 лет назад

Security update for libsndfile

EPSS

Процентиль: 54%

0.00318

Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

CVE-2017-7586

Описание

Пакет libsndfile

Ссылки на источники

Связанные уязвимости