PT-2010-1643 · Erik De Castro Lopo · Libsndfile
Sami Liedes · Published 2010-05-05 · Updated 2010-05-11 · CVE-2009-4835
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
libsndfile version 1.0.20
Description
The issue allows context-dependent attackers to cause a denial of service (a divide-by-zero error and application crash) via a crafted audio file. It affects several functions, including htk_read_header, alaw_init, ulaw_init, pcm_init, float32_init, and sds_read_header.
Recommendations
For libsndfile version 1.0.20, consider disabling or avoiding the use of the vulnerable functions until a patch is available and the issue is resolved. Restrict exposure to crafted audio files to minimize the risk of exploitation.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Libsndfile