Candidate: CVE-2016-2540
PublicDate: 2018-02-07 17:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2540
 http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2
 https://fortiguard.com/zeroday/FG-VD-15-116
Description:
 Audacity before 2.1.2 allows remote attackers to cause a denial of service
 (memory corruption and application crash) via a crafted FORMATCHUNK
 structure.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [5.5 MEDIUM]


Patches_audacity:
upstream_audacity: released (2.1.2-1)
precise/esm_audacity: DNE
trusty_audacity: ignored (reached end-of-life)
trusty/esm_audacity: DNE (trusty was needed)
xenial_audacity: not-affected (2.1.2-1)
artful_audacity: not-affected (2.1.2-2)
bionic_audacity: not-affected
cosmic_audacity: not-affected
disco_audacity: not-affected
devel_audacity: not-affected