Computer Security
[EN] securityvulns.ru no-pyccku


libsndfile / WinAmp buffer overflow
updated since 21.05.2009
Published:29.05.2009
Source:
SecurityVulns ID:9921
Type:library
Threat Level:
6/10
Description:Heap buffer overflow on .VOC files processing. Buffer overflow on AIFF parsing.
Affected:LIBSNDFILE : libsndfile 1.0
 NULLSOFT : Winamp 5.5
CVE:CVE-2009-1791 (Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value.)
 CVE-2009-1788 (Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.)
Original documentdocumentGENTOO, [ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code (29.05.2009)
 documenttk_(at)_trapkit.de, [TKADV2009-006] libsndfile/Winamp VOC Processing Heap Buffer Overflow (21.05.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod