CVE-2017-7585

MEDIUM

libsndfile <1.0.28 - Buffer Overflow

Title source: llm

Description

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.

References (5)

Scores

CVSS v3 5.5
EPSS 0.0030
EPSS Percentile 53.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE
CWE-119
Status published

Affected Products (2)

libsndfile_project/libsndfile < 1.0.27
n/a/n/a

Timeline

Published Apr 07, 2017
Tracked Since Feb 18, 2026