CVE-2018-1000223
Published: 20 August 2018
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appears to be exploitable when a victim opens a malicious file in the soundstretch utility.
From the Ubuntu Security Team
It was discovered that SoundTouch incorrectly handled certain WAV files. A remote attacker could possibly use this issue to cause arbitrary code execution.
Priority
Status
Package | Release | Status |
---|---|---|
soundtouch (Launchpad, Ubuntu, Debian) | bionic | Released (1.9.2-3ubuntu0.1~esm1). Available with Ubuntu Pro |
 | cosmic | Ignored (end of life) |
 | disco | Released (2.1.2+ds1-1) |
 | eoan | Released (2.1.2+ds1-1) |
 | focal | Released (2.1.2+ds1-1) |
 | groovy | Released (2.1.2+ds1-1) |
 | hirsute | Released (2.1.2+ds1-1) |
 | impish | Released (2.1.2+ds1-1) |
 | jammy | Released (2.1.2+ds1-1) |
 | kinetic | Released (2.1.2+ds1-1) |
 | lunar | Released (2.1.2+ds1-1) |
 | trusty | Released (1.7.1-5ubuntu0.1~esm1). Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
 | upstream | Needs triage |
 | xenial | Released (1.9.2-2+deb9u1ubuntu0.1~esm1). Available with Ubuntu Pro |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |