CVSS: 8.8EPSS: 23%CPEs: 8EXPL: 2CVE-2018-17095 – audiofile: Heap-based buffer overflow in Expand3To4Module::run() when running sfconvert
https://notcve.org/view.php?id=CVE-2018-17095
16 Sep 2018 — An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert. Se ha descubierto un problema en mpruett Audio File Library (también conocido como audiofile) versiones 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. Ha ocurrido un desbordamiento de búfer basado en memoria dinámica (heap) en Expand3To4Module::run al ejecutar sfconvert It was discovered that a... • https://github.com/mpruett/audiofile/issues/50 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 40%CPEs: 6EXPL: 0CVE-2015-7747 – Ubuntu Security Notice USN-2787-1
https://notcve.org/view.php?id=CVE-2015-7747
29 Oct 2015 — Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c. Un desbordamiento del búfer en la función afReadFrames en audiofile (también se conoce como libaudiofile and Audio File Library), permite a atacantes remotos asistidos por el usuario causar una denegación de servicio ... • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170387.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •