CVE-2008-5824

audiofile 0.2.6 - Heap-Based Buffer Overflow via Crafted WAV File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5824. PoCs published by Anton Khirnov.

AI-analyzed exploit summary The provided text describes a heap-based buffer overflow vulnerability in libaudiofile 0.2.6, which can lead to arbitrary code execution or denial-of-service. It references a malicious WAV file but does not include actual exploit code.

Description

Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Anton Khirnov · textremotelinux

https://www.exploit-db.com/exploits/32691

View Code ZIP pw:eip

The provided text describes a heap-based buffer overflow vulnerability in libaudiofile 0.2.6, which can lead to arbitrary code execution or denial-of-service. It references a malicious WAV file but does not include actual exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: libaudiofile 0.2.6

No auth needed

Prerequisites: A vulnerable version of libaudiofile · A crafted WAV file

MITRE ATT&CK