Vulnerabilities > CVE-2022-33064 - Off-by-one Error vulnerability in Libsndfile Project Libsndfile 1.1.0

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
libsndfile-project
CWE-193

Summary

An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts.

Vulnerable Configurations

Part Description Count
Application
Libsndfile_Project
1

Common Weakness Enumeration (CWE)