Vulnerabilities > CVE-2017-17054 - Divide By Zero vulnerability in Aubio 0.4.6

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
aubio
CWE-369
nessus

Summary

In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file.

Vulnerable Configurations

Part Description Count
Application
Aubio
1

Common Weakness Enumeration (CWE)

Nessus

NASL familySuSE Local Security Checks
NASL idOPENSUSE-2018-329.NASL
descriptionThis update for aubio fixes the following issues : - CVE-2017-17054: Specially crafted wav files could have been used to cause an application crash (boo#1070399)
last seen2020-06-05
modified2018-04-02
plugin id108784
published2018-04-02
reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/108784
titleopenSUSE Security Update : aubio (openSUSE-2018-329)