Mandriva Linux Security Advisory : libsndfile (MDVSA-2011:119)

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.

Synopsis :

The remote Mandriva Linux host is missing one or more security

Description :

A vulnerability was discovered and corrected in libsndfile :

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way the libsndfile library processed certain Ensoniq
PARIS Audio Format (PAF) audio files. An attacker could create a
specially crafted PAF file that, when opened, could cause an
application using libsndfile to crash or, potentially, execute
arbitrary code with the privileges of the user running the application

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more: products_id=490

The updated packages have been patched to correct this issue.

See also :

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8

Family: Mandriva Local Security Checks

Nessus Plugin ID: 55683 ()

Bugtraq ID:

CVE ID: CVE-2011-2696

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now