Vulnerabilities > CVE-2012-2106 - Numeric Errors vulnerability in Csounds Csound 5.16.6

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Integer overflow in the pv_import function in util/pv_import.c in Csound 5.16.6, when converting a file, allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.

Vulnerable Configurations

Part Description Count
Application
Csounds
1

Common Weakness Enumeration (CWE)

Nessus

NASL familySuSE Local Security Checks
NASL idOPENSUSE-2012-246.NASL
descriptionspecially crafted files could cause buffer overflows in csound
last seen2020-06-05
modified2014-06-13
plugin id74608
published2014-06-13
reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/74608
titleopenSUSE Security Update : csound (openSUSE-SU-2012:0550-1)