Lucene search

[email protected]NVD:CVE-2015-7805

HistoryNov 17, 2015 - 3:59 p.m.

CVE-2015-7805

2015-11-1715:59:12

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.9 High

AI Score

Confidence

High

0.11 Low

EPSS

Percentile

95.1%

JSON

Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.

Affected configurations

NVD

Node

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

Node

mega-nerdlibsndfileMatch1.0.25

References

lists.fedoraproject.org/pipermail/package-announce/2015-November/171466.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/172593.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/172607.html

lists.opensuse.org/opensuse-updates/2015-11/msg00077.html

lists.opensuse.org/opensuse-updates/2015-11/msg00145.html

packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html

www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/

www.openwall.com/lists/oss-security/2015/11/03/3

www.openwall.com/lists/oss-security/2015/11/03/7

www.securityfocus.com/bid/77427

www.ubuntu.com/usn/USN-2832-1

security.gentoo.org/glsa/201612-03

www.exploit-db.com/exploits/38447/

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.9 High

AI Score

Confidence

High

0.11 Low

EPSS

Percentile

95.1%

JSON

Related for NVD:CVE-2015-7805

openvas14 nessus20 fedora5 veracode1 cve1 prion1 ubuntucve1 debiancve1 cvelist1 mageia1 gentoo1 archlinux2 debian2 ubuntu1 osv2 slackware1 rosalinux1