CVE-2017-6831

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-6831

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6831.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-6831

Related

Published

2017-03-20T16:59:02Z

Modified

2024-09-18T02:50:17.427259Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.

References

Affected packages

Debian:11 / audiofile

Package

Name: audiofile
Purl: pkg:deb/debian/audiofile?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.3.6-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / audiofile

Package

Name: audiofile
Purl: pkg:deb/debian/audiofile?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.3.6-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / audiofile

Package

Name: audiofile
Purl: pkg:deb/debian/audiofile?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.3.6-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/antlarr/audiofile

Affected ranges

Type: GIT
Repo: https://github.com/antlarr/audiofile
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a2e9eab8ea87c4ffc494d839ebb4ea145eb9f2e6

Type: GIT
Repo: https://github.com/mpruett/audiofile
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0fded995a7a29aac46bda56c84555048305c6bf8

Last affected

2ff39015082e33b97e546c30ecb4170cd73b3285

Last affected

382ed422033d53bd711ace66394c5249a5e214a4

Last affected

7113d9f09177e5f1919698fa4610936b0b0013b1

Last affected

bae63371740e659b25d3b780f059dcafdef9b25b

Last affected

d19a5ace5ae891c778cbc710d78634de6084b846

Last affected

f7d4869217acf7f4771d148002d4287f31e1c2d8

Last affected

fe639fca31befbfbdf1bf45c7593fff1386d67da

Affected versions

audiofile-0.*

audiofile-0.2.1

audiofile-0.2.2

audiofile-0.2.3

audiofile-0.2.4

audiofile-0.2.5

audiofile-0.2.6

audiofile-0.2.7

audiofile-0.3.0

audiofile-0.3.1

audiofile-0.3.2

audiofile-0.3.3

audiofile-0.3.4

audiofile-0.3.5

audiofile-0.3.6