Original Issue Date:

December 07, 2009

Severity Rating: High

Overview

Multiple vulnerabilities have been reported in libsndfile package in Fedora, which could be exploited by remote attackers to cause a denial of service conditions, execute an arbitrary code or potentially compromise an affected system.

Description

" libsndfile" is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface.

1. libsndfile CAF File Processing Integer Overflow Vulnerability

This vulnerability is caused by an integer overflow error when processing CAF description chunks in libsndfile package. A remote attacker could exploit this vulnerability by tricking a user into opening a specially crafted CAF audio file to trigger heap-based buffer overflow error . Successful exploitation of this vulnerability could allow a remote attacker to cause denial of service condition or execute an arbitrary code.

2. libsndfile VOC and AIFF Files Processing Buffer Overflow Vulnerabilities (CVE-2009-1788 , CVE-2009-1791)

These vulnerabilities are caused by buffer overflow errors in the "voc_read_header()" [src/voc.c] and "aiff_read_header()" [src/aiff.c] functions when processing VOC and AIFF files in libsndfile package. A remote attacker could exploit these vulnerabilities via a specially crafted VOC and AIFF file with an invalid header values to trigger heap-based buffer overflow error . Successful exploitation of these vulnerabilities could allow a remote attacker to cause denial of service condition and possibly execute an arbitrary code.

System Affected : Fedora 11 Fedora 10

Solution

Upgrade the affected package (libsndfile)

• FEDORA PROJECT

For more information visit

• CERT-IN