CVE-2009-1791
Published: 26 May 2009
Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value.
Priority
Status
Package | Release | Status |
---|---|---|
libsndfile Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Released
(1.0.17-4ubuntu0.8.04.2)
|
|
intrepid |
Released
(1.0.17-4ubuntu0.8.10.2)
|
|
jaunty |
Released
(1.0.17-4ubuntu1.1)
|
|
upstream |
Released
(1.0.20-1)
|
|
Patches: upstream: http://www.mega-nerd.com/erikd/Blog/files/voc-aiff-patch-1.0.17.diff |