CVE-2014-9496

Published: Jan 16, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

71796

vdb-entry

x_refsource_BID

https://github.com/erikd/libsndfile/issues/93

x_refsource_CONFIRM

openSUSE-SU-2015:0041

vendor-advisory

x_refsource_SUSE

MDVSA-2015:024

vendor-advisory

x_refsource_MANDRIVA

https://github.com/erikd/libsndfile/commit/dbe14f00030af5d3577f4cabbf9861db59e9c378

x_refsource_CONFIRM

USN-2832-1

vendor-advisory

x_refsource_UBUNTU

62320

third-party-advisory

x_refsource_SECUNIA

GLSA-201612-03

vendor-advisory

x_refsource_GENTOO

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

x_refsource_CONFIRM

http://advisories.mageia.org/MGASA-2015-0015.html

x_refsource_CONFIRM

[oss-security] 20150103 Re: Re: CVE Request: libsndfile buffer overread

mailing-list

x_refsource_MLIST

20190411 [SECURITY] [DSA 4430-1] wpa security update

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-9496

Description

Affected Products

References