Vulnerability identifier: #VU15679
Vulnerability risk: High
CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID:
CWE-ID: CWE-122
Exploitation vector: Network
Exploit availability: No
Vulnerable software: audiofile
Client/Desktop applications / Multimedia software
Vendor: Michael Pruett
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists in the ModuleState::setup function due to a heap-based buffer overflow that occurs when running sfconvert. A remote attacker can trick the victim into opening or executing a specially crafted file that submits malicious input, trigger memory corruption, and cause the service to crash or execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
Mitigation
Update to version 0.3.6-2.
Vulnerable software versions
audiofile: 0.3.6
External links
https://github.com/mpruett/audiofile/issues/50
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.