---

CVE-2021-3246 - log back

CVE-2021-3246 edited at 23 Jul 2021 10:37:29
Description	- A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file. + A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile before version 1.1.0 allows attackers to execute arbitrary code via a crafted WAV file.
References	https://github.com/libsndfile/libsndfile/issues/687 + https://oss-fuzz.com/testcase-detail/5696502087024640 + https://github.com/libsndfile/libsndfile/pull/707 + https://github.com/libsndfile/libsndfile/commit/9e0e55f8bfa60bddca083ff85699f855c91c42e7

CVE-2021-3246 edited at 20 Jul 2021 15:57:18
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
References	+ https://github.com/libsndfile/libsndfile/issues/687
Notes

CVE-2021-3246 created at 20 Jul 2021 15:55:36