Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5008

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-5008
Last Modified 30 Oct 2012 11:06:29
Published 10 Nov 2008 09:12:56
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5008

Summary

Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when "extreme low conversion ratios" are used, allows user-assisted attackers to have an unknown impact via a crafted audio file.

Vulnerable Systems

Application

  • Mega-nerd Secret Rabbit Code 0.0.0

  • Mega-nerd Secret Rabbit Code 0.0.11

  • Mega-nerd Secret Rabbit Code 0.0.12

  • Mega-nerd Secret Rabbit Code 0.0.13

  • Mega-nerd Secret Rabbit Code 0.0.14

  • Mega-nerd Secret Rabbit Code 0.0.15

  • Mega-nerd Secret Rabbit Code 0.0.2

  • Mega-nerd Secret Rabbit Code 0.0.7

  • Mega-nerd Secret Rabbit Code 0.0.9

  • Mega-nerd Secret Rabbit Code 0.1.0

  • Mega-nerd Secret Rabbit Code 0.1.1

  • Mega-nerd Secret Rabbit Code 0.1.2

  • Mega-nerd Secret Rabbit Code 0.1.3


References

BID - 32090

MLIST - [oss-security] 20081103 CVE Request (libsamplerate)

CONFIRM - http://www.mega-nerd.com/SRC/ChangeLog

MANDRIVA - MDVSA-2008:238

GENTOO - GLSA-200812-05

XF - secretrabbitcode-srcsinc-bo(46542)


Last Updated: 27 May 2016 10:49:46