CVE-2009-0186

Published: 05 March 2009

Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.

Priority

Medium

Status

Package Release Status
libsndfile
Launchpad, Ubuntu, Debian
Upstream
Released (1.0.19)
Patches:
Vendor: https://bugzilla.redhat.com/attachment.cgi?id=333940 (same as upstream)