Ubuntu Security Notice (C) 2011-2013 Canonical, Inc. / NASL script (C) 2011-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Hossein Lotfi discovered that libsndfile did not properly verify the
header length and number of channels for PARIS Audio Format (PAF)
audio files. An attacker could exploit this to cause a denial of
service via application crash, or possibly execute arbitrary code with
the privileges of the user invoking the program.
Update the affected libsndfile1 package.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : false