oss-sec mailing list archives
Re: CVE id request: audiofile
From: "Steven M. Christey" <coley () linus mitre org>
Date: Wed, 7 Jan 2009 13:27:23 -0500 (EST)
====================================================== Name: CVE-2008-5824 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5824 Reference: MLIST:[oss-security] 20081230 CVE id request: audiofile Reference: URL:http://openwall.com/lists/oss-security/2008/12/30/1 Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205 Reference: CONFIRM:http://musicpd.org/mantis/view.php?id=1915 Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.
Current thread:
- Re: CVE id request: audiofile Nico Golde (Jan 03)
- <Possible follow-ups>
- Re: CVE id request: audiofile Steven M. Christey (Jan 07)