Symonics Libmysofa 0.7

CPE Details

Symonics Libmysofa 0.7
symonics
libmysofa
0.7
2019-09-09
11h55 +00:00
2019-09-09
11h55 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:symonics:libmysofa:0.7:*:*:*:*:*:*:*

Informations

Vendor

symonics

Product

libmysofa

Version

0.7

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-3756 2021-10-29 13h55 +00:00 libmysofa is vulnerable to Heap-based Buffer Overflow
9.8
Critical
CVE-2020-36149 2021-02-08 19h13 +00:00 Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).
6.5
Medium
CVE-2020-36150 2021-02-08 19h13 +00:00 Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.
6.5
Medium
CVE-2020-36151 2021-02-08 19h13 +00:00 Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.
6.5
Medium
CVE-2020-36152 2021-02-08 19h13 +00:00 Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.
8.8
High
CVE-2020-36148 2021-02-08 19h13 +00:00 Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).
6.5
Medium
CVE-2019-20063 2019-12-29 18h59 +00:00 hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
8.8
High
CVE-2019-20016 2019-12-27 00h12 +00:00 libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue.
6.5
Medium
CVE-2019-16091 2019-09-08 00h41 +00:00 Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.
7.5
High
CVE-2019-16092 2019-09-08 00h41 +00:00 Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.
9.8
Critical
CVE-2019-16093 2019-09-08 00h41 +00:00 Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
9.8
Critical
CVE-2019-16094 2019-09-08 00h40 +00:00 Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
7.5
High
CVE-2019-16095 2019-09-08 00h40 +00:00 Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.