Launchpad.net

CVE 2017-6838

Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

See the CVE page on Mitre.org for more details.