CVE-2008-5008

Published: Nov 10, 2008Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when "extreme low conversion ratios" are used, allows user-assisted attackers to have an unknown impact via a crafted audio file.

Affected (13)

Products: Mega Nerd: Secret Rabbit Code

1 product

Secret Rabbit Code

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Mega Nerd Secret Rabbit Code	Up to 0.1.3
Mega Nerd Secret Rabbit Code	Version 0.0.0
Mega Nerd Secret Rabbit Code	Version 0.0.11
Mega Nerd Secret Rabbit Code	Version 0.0.12
Mega Nerd Secret Rabbit Code	Version 0.0.13
Mega Nerd Secret Rabbit Code	Version 0.0.14
Mega Nerd Secret Rabbit Code	Version 0.0.15
Mega Nerd Secret Rabbit Code	Version 0.0.2
Mega Nerd Secret Rabbit Code	Version 0.0.7
Mega Nerd Secret Rabbit Code	Version 0.0.9
Mega Nerd Secret Rabbit Code	Version 0.1.0
Mega Nerd Secret Rabbit Code	Version 0.1.1
Mega Nerd Secret Rabbit Code	Version 0.1.2

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (12)

http://security.gentoo.org/glsa/glsa-200812-05.xml

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDVSA-2008:238

Source: cve@mitre.org

http://www.mega-nerd.com/SRC/ChangeLog

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2008/11/03/6

Source: cve@mitre.org

http://www.securityfocus.com/bid/32090

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/46542

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200812-05.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2008:238

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mega-nerd.com/SRC/ChangeLog

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2008/11/03/6

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/32090

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/46542

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.