Unrated severityNVD Advisory· Published Feb 4, 2014· Updated Apr 29, 2026
CVE-2012-2106
CVE-2012-2106
Description
Integer overflow in the pv_import function in util/pv_import.c in Csound 5.16.6, when converting a file, allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- secunia.com/advisories/48148nvdVendor Advisory
- secunia.com/secunia_research/2012-7/nvdVendor Advisory
- csound.git.sourceforge.net/git/gitweb.cginvd
- csound.git.sourceforge.net/git/gitweb.cginvd
- lists.opensuse.org/opensuse-updates/2012-04/msg00057.htmlnvd
- www.openwall.com/lists/oss-security/2012/04/16/1nvd
- www.openwall.com/lists/oss-security/2012/04/16/9nvd
- www.osvdb.org/81016nvd
- www.securityfocus.com/bid/52875nvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/74647nvd
News mentions
0No linked articles in our index yet.