CVE-2011-2696
Published: 21 July 2011
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
Notes
Author | Note |
---|---|
jdstrand | bzr branch http://www.mega-nerd.com/Bzr/libsndfile-dev/ |
Priority
Status
Package | Release | Status |
---|---|---|
libsndfile Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(1.0.21-2ubuntu0.10.04.1)
|
|
maverick |
Released
(1.0.21-2ubuntu0.10.10.1)
|
|
natty |
Released
(1.0.23-1ubuntu0.1)
|
|
upstream |
Released
(1.0.25-1)
|
|
Patches: vendor: https://rhn.redhat.com/errata/RHSA-2011-1084.html |