rpm package
opensuse/csound&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/csound&distro=openSUSE%20Tumbleweed
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2012-0270 | — | < 5.18.02-7.10 | 5.18.02-7.10 | Feb 17, 2014 | Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbitrary code via a crafted (1) hetro file to the getnum function in util/heti_main.c or (2) PVOC file to the getnum function in util/pv_import.c. | ||
| CVE-2012-2108 | — | < 5.18.02-7.10 | 5.18.02-7.10 | Feb 4, 2014 | Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file. | ||
| CVE-2012-2107 | — | < 5.18.02-7.10 | 5.18.02-7.10 | Feb 4, 2014 | Integer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow. | ||
| CVE-2012-2106 | — | < 5.18.02-7.10 | 5.18.02-7.10 | Feb 4, 2014 | Integer overflow in the pv_import function in util/pv_import.c in Csound 5.16.6, when converting a file, allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow. |
- CVE-2012-0270Feb 17, 2014affected < 5.18.02-7.10fixed 5.18.02-7.10
Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbitrary code via a crafted (1) hetro file to the getnum function in util/heti_main.c or (2) PVOC file to the getnum function in util/pv_import.c.
- CVE-2012-2108Feb 4, 2014affected < 5.18.02-7.10fixed 5.18.02-7.10
Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file.
- CVE-2012-2107Feb 4, 2014affected < 5.18.02-7.10fixed 5.18.02-7.10
Integer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.
- CVE-2012-2106Feb 4, 2014affected < 5.18.02-7.10fixed 5.18.02-7.10
Integer overflow in the pv_import function in util/pv_import.c in Csound 5.16.6, when converting a file, allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.