CVE-2017-6827

HIGH7.8EPSS 30.4%

audiofile - security update

Published: 3/15/2017Modified: 4/28/2026

Description

Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file.

Affected packages (3)

Debian/audiofilefrom 0, < 0.3.6-4
Debian/audiofilefrom 0, < 0.3.4-2+deb7u1
Debian/audiofilefrom 0, < 0.3.6-2+deb8u2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.8	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2017-6827