CVE-2017-14245CVE-2017-14245

Affected configuration(s):

cpe:/a:libsndfile_project:libsndfile:1.0.28

Date published: 2017-09-21T09:29:00.203-04:00

Date last modified: 2017-09-27T13:36:20.863-04:00

CVSS Score: 5.8

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: https://github.com/erikd/libsndfile/issues/317

Summary: An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.