FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libaudiofile -- heap-based overflow in Microsoft ADPCM compression module

Affected packages
libaudiofile < 0.2.7
linux-f10-libaudiofile < 0.2.7

Details

VuXML ID 09f47c51-c1a6-11e3-a5ac-001b21614864
Discovery 2008-12-30
Entry 2014-04-11
Modified 2014-04-30

Debian reports:

Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.

References

CVE Name CVE-2014-0159
URL https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205