Executive Summary
Summary | |
---|---|
Title | libsndfile vulnerability |
Informations | |||
---|---|---|---|
Name | USN-749-1 | First vendor Publication | 2009-03-30 |
Vendor | Ubuntu | Last vendor Modification | 2009-03-30 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 7.10: Ubuntu 8.04 LTS: Ubuntu 8.10: After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: It was discovered that libsndfile did not correctly handle description chunks in CAF audio files. If a user or automated system were tricked into opening a specially crafted CAF audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program. |
Original Source
Url : http://www.ubuntu.com/usn/USN-749-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12784 | |||
Oval ID: | oval:org.mitre.oval:def:12784 | ||
Title: | DSA-1742-1 libsndfile -- integer overflow | ||
Description: | Alan Rad Pop discovered that libsndfile, a library to read and write sampled audio data, is prone to an integer overflow. This causes a heap-based buffer overflow when processing crafted CAF description chunks possibly leading to arbitrary code execution. For the oldstable distribution this problem has been fixed in version 1.0.16-2+etch1. For the stable distribution this problem has been fixed in version 1.0.17-4+lenny1. For the unstable distribution this problem has been fixed in version 1.0.19-1. We recommend that you upgrade your libsndfile packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1742-1 CVE-2009-0186 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libsndfile |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13111 | |||
Oval ID: | oval:org.mitre.oval:def:13111 | ||
Title: | USN-749-1 -- libsndfile vulnerability | ||
Description: | It was discovered that libsndfile did not correctly handle description chunks in CAF audio files. If a user or automated system were tricked into opening a specially crafted CAF audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-749-1 CVE-2009-0186 | Version: | 5 |
Platform(s): | Ubuntu 7.10 Ubuntu 8.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | libsndfile |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25537 | |||
Oval ID: | oval:org.mitre.oval:def:25537 | ||
Title: | Integer overflow in libsndfile 1.0.18, as used in Winamp and other products | ||
Description: | Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0186 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Winamp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7904 | |||
Oval ID: | oval:org.mitre.oval:def:7904 | ||
Title: | DSA-1742 libsndfile -- integer overflow | ||
Description: | Alan Rad Pop discovered that libsndfile, a library to read and write sampled audio data, is prone to an integer overflow. This causes a heap-based buffer overflow when processing crafted CAF description chunks possibly leading to arbitrary code execution. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1742 CVE-2009-0186 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libsndfile |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-12-10 | Name : Fedora Core 10 FEDORA-2009-11499 (libsndfile) File : nvt/fcore_2009_11499.nasl |
2009-12-10 | Name : Fedora Core 11 FEDORA-2009-11618 (libsndfile) File : nvt/fcore_2009_11618.nasl |
2009-10-13 | Name : SLES10: Security update for libsndfile File : nvt/sles10_libsndfile.nasl |
2009-10-11 | Name : SLES11: Security update for libsndfile File : nvt/sles11_libsndfile.nasl |
2009-04-20 | Name : Gentoo Security Advisory GLSA 200904-16 (libsndfile) File : nvt/glsa_200904_16.nasl |
2009-04-06 | Name : SuSE Security Summary SUSE-SR:2009:008 File : nvt/suse_sr_2009_008.nasl |
2009-04-06 | Name : Ubuntu USN-749-1 (libsndfile) File : nvt/ubuntu_749_1.nasl |
2009-03-20 | Name : Debian Security Advisory DSA 1742-1 (libsndfile) File : nvt/deb_1742_1.nasl |
2009-03-20 | Name : FreeBSD Ports: libsndfile File : nvt/freebsd_libsndfile.nasl |
2009-03-07 | Name : Mandrake Security Advisory MDVSA-2009:067 (libsndfile) File : nvt/mdksa_2009_067.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
54653 | libsndfile CAF File Description Chunk Processing Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Nullsoft Winamp CAF file processing integer overflow attempt RuleID : 16683 - Revision : 12 - Type : FILE-MULTIMEDIA |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-12-03 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11499.nasl - Type : ACT_GATHER_INFO |
2009-12-03 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11618.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libsndfile-090317.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libsndfile-6040.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libsndfile-090305.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libsndfile-090305.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-067.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-749-1.nasl - Type : ACT_GATHER_INFO |
2009-04-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200904-16.nasl - Type : ACT_GATHER_INFO |
2009-04-03 | Name : The remote openSUSE host is missing a security update. File : suse_libsndfile-6044.nasl - Type : ACT_GATHER_INFO |
2009-03-17 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_c5af0747126211dea9640030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-03-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1742.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:05:49 |
|