Search for packages
| purl | pkg:deb/debian/audacity@1.3.5-2%2Blenny1 |
| Next non-vulnerable version | 2.4.2~dfsg0-5 |
| Latest non-vulnerable version | 2.4.2~dfsg0-5 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4e8r-fvv6-f7f2
Aliases: CVE-2016-2541 |
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file. |
Affected by 1 other vulnerability. |
|
VCID-c1k4-7mhy-73gp
Aliases: CVE-2009-0490 |
A boundary error in Audacity allows for the execution of arbitrary code. |
Affected by 3 other vulnerabilities. |
|
VCID-nxc6-nv2g-17g6
Aliases: CVE-2016-2540 |
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure. |
Affected by 1 other vulnerability. |
|
VCID-veb9-7659-wfg7
Aliases: CVE-2020-11867 |
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2u5b-cbtr-xqa1 | Audacity uses temporary files in an insecure manner, allowing for a symlink attack. |
CVE-2007-6061
|
| VCID-4zzy-q5zp-jkgm | A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM. |
CVE-2009-3720
|
| VCID-qtav-hqnd-b7fa | A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM. |
CVE-2009-3560
|