[Bug 527033] Re: CVE-2008-5824 audiofile denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file

Launchpad Bug Tracker Tue, 16 Mar 2010 10:18:06 -0700

This bug was fixed in the package audiofile - 0.2.6-7ubuntu1.8.10.1

---------------
audiofile (0.2.6-7ubuntu1.8.10.1) intrepid-security; urgency=low


  * SECURITY UPDATE: Heap-based buffer overflow in msadpcm.c in libaudiofile
    in audiofile 0.2.6 allows context-dependent attackers to cause a denial
    of service (application crash) or possibly execute arbitrary code via a
    crafted WAV file.  (LP: #527033)
    - debian/patches/22_CVE-2008-5824.dpatch: Fix buffer overflow when
      decompressing MS ADPCM .wav files.
    - CVE-2008-5824
 -- Stefan Lesicnik <ste...@lsd.lsd.co.za>   Tue, 02 Mar 2010 15:59:08 +0200

** Changed in: audiofile (Ubuntu Hardy)
       Status: Confirmed => Fix Released

-- 
CVE-2008-5824 audiofile denial of service (application crash) or possibly 
execute arbitrary code via a crafted WAV file
https://bugs.launchpad.net/bugs/527033
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 527033] Re: CVE-2008-5824 audiofile denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file

Reply via email to