Your submission was sent successfully! Close

CVE-2011-2696

Published: 21 July 2011

Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.

Priority

Medium

Status

Package Release Status
libsndfile
Launchpad, Ubuntu, Debian
Upstream
Released (1.0.25-1)
Patches:
upstream: r1610
Vendor: https://rhn.redhat.com/errata/RHSA-2011-1084.html