Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Winamp | Nullsoft | 5.55 (including) | 5.55 (including) |
Winamp | Nullsoft | 5.541 (including) | 5.541 (including) |
Libsndfile | Ubuntu | dapper | * |
Libsndfile | Ubuntu | devel | * |
Libsndfile | Ubuntu | gutsy | * |
Libsndfile | Ubuntu | hardy | * |
Libsndfile | Ubuntu | intrepid | * |
Libsndfile | Ubuntu | upstream | * |