9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.1 High
AI Score
Confidence
High
0.11 Low
EPSS
Percentile
95.1%
Package : libsndfile
Version : 1.0.21-3+squeeze2
CVE ID : CVE-2014-9496 CVE-2014-9756 CVE-2015-7805
Debian Bug : 774162 804445 804447
CVE-2014-9496
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows
attackers to have unspecified impact via vectors related to a (1) map
offset or (2) rsrc marker, which triggers an out-of-bounds read.
CVE-2014-9756
The psf_fwrite function in file_io.c in libsndfile allows attackers to
cause a denial of service (divide-by-zero error and application crash)
via unspecified vectors related to the headindex variable.
CVE-2015-7805
Heap-based buffer overflow in libsndfile 1.0.25 allows remote
attackers to have unspecified impact via the headindex value in the
header in an AIFF file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 8 | i386 | sndfile-programs | < 1.0.25-9.1+deb8u1 | sndfile-programs_1.0.25-9.1+deb8u1_i386.deb |
Debian | 8 | armel | libsndfile1-dev | < 1.0.25-9.1+deb8u1 | libsndfile1-dev_1.0.25-9.1+deb8u1_armel.deb |
Debian | 6 | amd64 | sndfile-programs | < 1.0.21-3+squeeze2 | sndfile-programs_1.0.21-3+squeeze2_amd64.deb |
Debian | 7 | amd64 | libsndfile1-dev | < 1.0.25-9.1+deb7u1 | libsndfile1-dev_1.0.25-9.1+deb7u1_amd64.deb |
Debian | 7 | armel | libsndfile1-dev | < 1.0.25-9.1+deb7u1 | libsndfile1-dev_1.0.25-9.1+deb7u1_armel.deb |
Debian | 8 | mipsel | sndfile-programs-dbg | < 1.0.25-9.1+deb8u1 | sndfile-programs-dbg_1.0.25-9.1+deb8u1_mipsel.deb |
Debian | 8 | powerpc | sndfile-programs | < 1.0.25-9.1+deb8u1 | sndfile-programs_1.0.25-9.1+deb8u1_powerpc.deb |
Debian | 8 | ppc64el | sndfile-programs | < 1.0.25-9.1+deb8u1 | sndfile-programs_1.0.25-9.1+deb8u1_ppc64el.deb |
Debian | 8 | arm64 | sndfile-programs-dbg | < 1.0.25-9.1+deb8u1 | sndfile-programs-dbg_1.0.25-9.1+deb8u1_arm64.deb |
Debian | 8 | armhf | sndfile-programs | < 1.0.25-9.1+deb8u1 | sndfile-programs_1.0.25-9.1+deb8u1_armhf.deb |