Network Audio System
by Radscan
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-1543 | 0.01 | — | 0.08 | Mar 20, 2007 | Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection. | |||
| CVE-2013-4258 | 0.00 | — | 0.04 | Oct 9, 2013 | Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog. | |||
| CVE-2013-4256 | 0.00 | — | 0.01 | Oct 9, 2013 | Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2)… | |||
| CVE-2007-1547 | 0.00 | — | 0.04 | Mar 20, 2007 | The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference. | |||
| CVE-2007-1544 | 0.00 | — | 0.05 | Mar 20, 2007 | Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value. | |||
| CVE-2007-1545 | 0.00 | — | 0.02 | Mar 20, 2007 | The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID. | |||
| CVE-2007-1546 | 0.00 | — | 0.02 | Mar 20, 2007 | Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs… |
- CVE-2007-1543Mar 20, 2007risk 0.01cvss —epss 0.08
Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection.
- CVE-2013-4258Oct 9, 2013risk 0.00cvss —epss 0.04
Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog.
- CVE-2013-4256Oct 9, 2013risk 0.00cvss —epss 0.01
Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2)…
- CVE-2007-1547Mar 20, 2007risk 0.00cvss —epss 0.04
The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.
- CVE-2007-1544Mar 20, 2007risk 0.00cvss —epss 0.05
Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value.
- CVE-2007-1545Mar 20, 2007risk 0.00cvss —epss 0.02
The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID.
- CVE-2007-1546Mar 20, 2007risk 0.00cvss —epss 0.02
Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs…