FreeBSD : libsndfile -- multiple vulnerabilities (6355efdb-4d4d-11de-8811-0030843d3802)
High Nessus Plugin ID 38964
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
Two vulnerabilities have been reported in libsndfile, which can be exploited by malicious people to compromise an application using the library.
A boundary error exists within the 'voc_read_header()' function in src/voc.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted VOC file.
A boundary error exists within the 'aiff_read_header()' function in src/aiff.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted AIFF file.
SolutionUpdate the affected package.