Vulnerabilities > Surina

DATE CVE VULNERABILITY TITLE RISK
2018-09-16 CVE-2018-17098 Out-of-bounds Write vulnerability in Surina Soundtouch 2.0.0
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch.
network
low complexity
surina CWE-787
8.8
2018-09-16 CVE-2018-17097 Double Free vulnerability in Surina Soundtouch 2.0.0
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch.
network
low complexity
surina CWE-415
8.8
2018-09-16 CVE-2018-17096 Reachable Assertion vulnerability in Surina Soundtouch 2.0.0
The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
network
low complexity
surina CWE-617
6.5
2018-08-20 CVE-2018-1000223 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Surina Soundtouch
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution.
network
low complexity
surina CWE-119
8.8
2018-07-13 CVE-2018-14045 Reachable Assertion vulnerability in Surina Soundtouch 2.0.0
The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
network
low complexity
surina CWE-617
7.5
2018-07-13 CVE-2018-14044 Reachable Assertion vulnerability in Surina Soundtouch 2.0.0
The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
network
low complexity
surina CWE-617
7.5
2017-07-27 CVE-2017-9260 Out-of-bounds Read vulnerability in Surina Soundtouch 1.9.2
The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted wav file.
local
low complexity
surina CWE-125
5.5
2017-07-27 CVE-2017-9259 Resource Exhaustion vulnerability in Surina Soundtouch 1.9.2
The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted wav file.
local
low complexity
surina CWE-400
5.5
2017-07-27 CVE-2017-9258 Infinite Loop vulnerability in Surina Soundtouch 1.9.2
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wav file.
local
low complexity
surina CWE-835
5.5