CVE-2009-0186
Published: 5 March 2009
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
Priority
Status
Package | Release | Status |
---|---|---|
libsndfile Launchpad, Ubuntu, Debian |
upstream |
Released
(1.0.19)
|
dapper |
Released
(1.0.12-3ubuntu1.1)
|
|
gutsy |
Released
(1.0.17-4ubuntu0.7.10.1)
|
|
hardy |
Released
(1.0.17-4ubuntu0.8.04.1)
|
|
intrepid |
Released
(1.0.17-4ubuntu0.8.10.1)
|
|
Patches: vendor: https://bugzilla.redhat.com/attachment.cgi?id=333940 (same as upstream) |