CVE-2009-1788

EPSS 8.6%

libsndfile - arbitrary code execution

發布日:2009/5/26修改日:2026/4/28

描述

Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.

受影響套件(2)

Debian/libsndfilefrom 0, < 1.0.20-1
Debian/libsndfilefrom 0, < 1.0.16-2+etch2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-1788