CVE-2018-17095

Sažetak

An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.

Reference

https://github.com/mpruett/audiofile/issues/50
https://github.com/mpruett/audiofile/issues/51
https://usn.ubuntu.com/3800-1/
https://github.com/mpruett/audiofile/issues/50
https://github.com/mpruett/audiofile/issues/51
https://usn.ubuntu.com/3800-1/

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

13-08-2025 - 20:48

Objavljeno

16-09-2018 - 21:29