CVE-2016-2541

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-2541
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2541.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-2541
Downstream
Published
2018-02-07T17:29:00.310Z
Modified
2025-11-14T04:34:31.589834Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.

References

Affected packages

Git / github.com/audacity/audacity

Affected ranges

Type
GIT
Repo
https://github.com/audacity/audacity
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
53b8fd534e2051a992f5a3db35feb02b8e516fa0

Affected versions

Audacity-1.*

Audacity-1.3.12
Audacity-1.3.13
Audacity-1.3.14
Audacity-1.3.15

Audacity-2.*

Audacity-2.0.0
Audacity-2.0.1
Audacity-2.0.2
Audacity-2.0.3
Audacity-2.0.4
Audacity-2.0.5
Audacity-2.0.6
Audacity-2.1.0
Audacity-2.1.1

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "66864588947979753484225749660263159203",
                "267987750409292518280316596967873861509",
                "11202172672454491329816081171567493709",
                "115795955333616436983341194630885713759",
                "254059627534711714374801358871806589395",
                "202260647511678443568586201882322637156"
            ]
        },
        "target": {
            "file": "src/ViewInfo.cpp"
        },
        "id": "CVE-2016-2541-518b30c1",
        "source": "https://github.com/audacity/audacity/commit/53b8fd534e2051a992f5a3db35feb02b8e516fa0"
    },
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "38399647438157856831809089895972873921",
                "228096807239596364983888216631011599933",
                "314857515575042533231178717339280927061",
                "315310807940520099516996115758888315983",
                "88759457098864477622206839694474646103",
                "228161729867802652376416023962417280369",
                "83616748671819158051436165844294323091",
                "5871137730356298193096649149970739113",
                "167702642452076325727583795174263460522",
                "7556371000701191095287994382590672588",
                "308538708546675427086624936098229719848",
                "211107071068749770187730401962487347671",
                "197639651603026078509229707447547955153",
                "42484582116663894539100206822463444234",
                "300611510128631336159152611204694431406",
                "153312063652465889078841423862306168127",
                "167891495649134609487019187049795998634",
                "24718313641207123188331133858906875488",
                "215370593398757933198569397815959560698"
            ]
        },
        "target": {
            "file": "src/TrackArtist.cpp"
        },
        "id": "CVE-2016-2541-7fd33770",
        "source": "https://github.com/audacity/audacity/commit/53b8fd534e2051a992f5a3db35feb02b8e516fa0"
    },
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "function_hash": "1611930867571478740505099216951801919",
            "length": 137.0
        },
        "target": {
            "file": "src/ViewInfo.cpp",
            "function": "ZoomInfo::TimeToPosition"
        },
        "id": "CVE-2016-2541-e7c7cf2f",
        "source": "https://github.com/audacity/audacity/commit/53b8fd534e2051a992f5a3db35feb02b8e516fa0"
    }
]