CVE-2011-2696
CVE-2011-2696
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062955.htmlhttps://bugs.gentoo.org/show_bug.cgi?id=375125https://bugzilla.redhat.com/show_bug.cgi?id=721234http://secunia.com/advisories/45125http://secunia.com/advisories/45351http://secunia.com/advisories/45384http://secunia.com/advisories/45388http://secunia.com/advisories/45433https://hermes.opensuse.org/messages/10387521http://www.debian.org/security/2011/dsa-2288http://www.mandriva.com/security/advisories?name=MDVSA-2011:119http://www.mega-nerd.com/libsndfile/ChangeLog