VulnerableCode Package Details - pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5rpx-jse6-j7g1	csound: untrusted python modules search path	CVE-2008-5986
VCID-jz5a-vech-d3hx	Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbitrary code via a crafted (1) hetro file to the getnum function in util/heti_main.c or (2) PVOC file to the getnum function in util/pv_import.c.	CVE-2012-0270
VCID-p73c-788f-nbe2	Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file.	CVE-2012-2108
VCID-wvkp-ava8-wybw	Integer overflow in the pv_import function in util/pv_import.c in Csound 5.16.6, when converting a file, allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.	CVE-2012-2106
VCID-wwdj-c8rz-1udb	Integer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.	CVE-2012-2107

Vulnerability

Summary

Aliases

VCID-5rpx-jse6-j7g1

csound: untrusted python modules search path

CVE-2008-5986

VCID-jz5a-vech-d3hx

Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbitrary code via a crafted (1) hetro file to the getnum function in util/heti_main.c or (2) PVOC file to the getnum function in util/pv_import.c.

CVE-2012-0270

VCID-p73c-788f-nbe2

Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file.

CVE-2012-2108

VCID-wvkp-ava8-wybw

Integer overflow in the pv_import function in util/pv_import.c in Csound 5.16.6, when converting a file, allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.

CVE-2012-2106

VCID-wwdj-c8rz-1udb

Integer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.

CVE-2012-2107

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-29T16:52:05.532456+00:00	Debian Importer	Fixing	VCID-p73c-788f-nbe2	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:52:05.506443+00:00	Debian Importer	Fixing	VCID-wwdj-c8rz-1udb	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:52:05.478085+00:00	Debian Importer	Fixing	VCID-wvkp-ava8-wybw	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:52:05.452399+00:00	Debian Importer	Fixing	VCID-jz5a-vech-d3hx	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:52:05.423083+00:00	Debian Importer	Fixing	VCID-5rpx-jse6-j7g1	https://security-tracker.debian.org/tracker/data/json	38.6.0