Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2024-33429

Good to know:

icon

Date: April 30, 2024

Buffer-Overflow vulnerability at pcm_convert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via a crafted .wav file.

Language: C

Severity Score

Related Resources (8)

https://nvd.nist.gov/vuln/detail/CVE-2024-33429
https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-2/poc/
https://github.com/stsaz/phiola/
https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/heap-buffer-overflow-2
https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-2/heap-buffer-overflow-2.md
https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-2/heap-buffer-overflow-2.assets/image-20240420011116818.png
https://github.com/stsaz/phiola/issues/30
https://www.mend.io/vulnerability-database/CVE-2024-33429

Severity Score

Weakness Type (CWE)

Heap-based Buffer Overflow

CWE-122

Top Fix

icon

Upgrade Version

Upgrade to version v2.0-rc23

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): HIGH
Availability (A): NONE

Do you need more information?

Contact Us