VYPR

rpm package

opensuse/csound&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/csound&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2012-0270Feb 17, 2014
    affected < 5.18.02-7.10fixed 5.18.02-7.10

    Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbitrary code via a crafted (1) hetro file to the getnum function in util/heti_main.c or (2) PVOC file to the getnum function in util/pv_import.c.

  • CVE-2012-2108Feb 4, 2014
    affected < 5.18.02-7.10fixed 5.18.02-7.10

    Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file.

  • CVE-2012-2107Feb 4, 2014
    affected < 5.18.02-7.10fixed 5.18.02-7.10

    Integer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.

  • CVE-2012-2106Feb 4, 2014
    affected < 5.18.02-7.10fixed 5.18.02-7.10

    Integer overflow in the pv_import function in util/pv_import.c in Csound 5.16.6, when converting a file, allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.