CVE-2015-7805

libsndfile 1.0.25 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-7805. PoCs published by Marco Romano.

AI-analyzed exploit summary This Perl script generates a malformed AIFF file that exploits a heap overflow vulnerability in libsndfile <= 1.0.25. The crafted file manipulates the headindex and headend values to overwrite heap memory via memcpy, leading to potential remote code execution.

Description

Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.

Exploits (1)

exploitdb WORKING POC

by Marco Romano · perllocalmultiple

https://www.exploit-db.com/exploits/38447

View Code ZIP pw:eip

This Perl script generates a malformed AIFF file that exploits a heap overflow vulnerability in libsndfile <= 1.0.25. The crafted file manipulates the headindex and headend values to overwrite heap memory via memcpy, leading to potential remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: libsndfile <= 1.0.25

No auth needed

Prerequisites: Ability to deliver the crafted AIFF file to a target system using libsndfile

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (13)

Core 13

Core References

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2015/11/03/7

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-updates/2015-11/msg00077.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/77427

Exploit x_refsource_misc

http://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2832-1

Third Party Advisory vendor-advisory x_refsource_gentoo

https://security.gentoo.org/glsa/201612-03

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172607.html

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-updates/2015-11/msg00145.html

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2015/11/03/3

Various Sources x_refsource_misc

http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172593.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171466.html

Exploit exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/38447/

Scores

EPSS 0.5855

EPSS Percentile 98.3%

Details

CWE

CWE-119

Status published

Products (3)

mega-nerd/libsndfile 1.0.25

opensuse/opensuse 13.1

opensuse/opensuse 13.2

Published Nov 17, 2015

Tracked Since Feb 18, 2026