Alan Rad Pop discovered that libsndfile, a library to read and write
sampled audio data, is prone to an integer overflow. This causes a
heap-based buffer overflow when processing crafted CAF description
chunks possibly leading to arbitrary code execution.
Read the full story: DSA-1742 libsndfile – integer overflow: http://www.debian.org/security/2009/dsa-1742
Three vulnerabilities have been discovered in the mt-daapd DAAP audio
server (also known as the Firefly Media Server). The Common
Vulnerabilities and Exposures project identifies the following three
problems:
Read the full story: DSA-1597 mt-daapd – multiple vulnerabilities: http://www.debian.org/security/2008/dsa-1597
Several local (remote) vulnerabilities have been discovered in libvorbis,
a library for the Vorbis general-purpose compressed audio codec. The Common
Vulnerabilities and Exposures project identifies the following problems:
Read the full story: DSA-1591 libvorbis – several vulnerabilities: http://www.debian.org/security/2008/dsa-1591