Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Audacity 缓冲区错误漏洞
Vulnerability Description
Audacity是一款开源免费的跨平台的音频处理软件,用于录制和编辑音频文件。 Audacity 存在缓冲区错误漏洞,该漏洞源于Audacity的lib-src/allegro/strparse.cpp库中的String_parse::get_nonspace_quoted()函数没有正确地解析声音文件中的超长字符串,如果用户受骗打开了特制的*.gro文件的话,就可以触发栈溢出,导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A