CVE-2011-2696

EPSS 8.9%

libsndfile - integer overflow

發布日:2011/7/27修改日:2026/4/28

描述

Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.

受影響套件(2)

Debian/libsndfilefrom 0, < 1.0.25-1
Debian/libsndfilefrom 0, < 1.0.21-3+squeeze1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2696