CVE-2007-4974
Published Sep 19, 2007
Last updated 13 years ago
Overview
- Description
- Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "854C9069-DBEB-4DAE-B9AB-C8F9689C7A87",
"versionEndIncluding": "1.0.17"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:0.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC3B1750-4CC0-44EA-A029-B42B8D341191"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:0.0.28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98620203-42FE-4C3F-AD03-CC477712A38A"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CD8A661-B9F9-46C0-AFE0-F4B0ADE25CB5"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3FE94C03-86CE-4FF7-B2A2-3BC3D6F18810"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.0:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22C7A5B0-6D12-46D3-8474-133C936D4788"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93CC8970-3901-46B7-9BBA-323F0B600A38"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A37DA09-D58A-4B3B-86D7-6447CF11B869"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0080125E-B49E-4A39-8CEB-A309D8F35074"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A03E3DF-F506-4476-BB3B-7ACE69717632"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAD0D6ED-4C26-4278-929D-CC874B4A974E"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "860DAC59-7CB7-4FCA-9198-B2E0E2C313D1"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "570D85F0-F757-488A-A059-54BF0810F1E0"
},
{
"criteria": "cpe:2.3:a:mega-nerd:libsndfile:1.0.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E28BC682-E6B1-4A63-9734-FDB6019B9AE0"
}
],
"operator": "OR"
}
]
}
]