Vulnerability Details CVE-2018-1000223
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2018-1000223
-
cpe:2.3:a:surina:soundtouch:1.3.1
-
cpe:2.3:a:surina:soundtouch:1.4.0
-
cpe:2.3:a:surina:soundtouch:1.5.0
-
cpe:2.3:a:surina:soundtouch:1.6.0
-
cpe:2.3:a:surina:soundtouch:1.7.0
-
cpe:2.3:a:surina:soundtouch:1.7.1
-
cpe:2.3:a:surina:soundtouch:1.8.0
-
cpe:2.3:a:surina:soundtouch:1.9.0
-
cpe:2.3:a:surina:soundtouch:1.9.1
-
cpe:2.3:a:surina:soundtouch:1.9.2
-
cpe:2.3:a:surina:soundtouch:2.0.0