CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2009-0490 — HIGH severity vulnerability | Release Alert
CVE-2009-0490
9.3
HIGHCVSS v2
Published
February 10, 2009
Affected
1 project
Assigned by
MITRE
Severity scale
010
Description
Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string.
ChocolateyAudacity is free, open source, cross-platform software for recording and editing sounds.
## Features
- Record live audio.
- Convert tapes and records into digital recordings or CDs.
- Edit Ogg Vorbis, MP3, WAV or AIFF sound files.
- Cut, copy, splice or mix sounds together.
- Change the speed or pitch of a recording.
- Add new effects with LADSPA plug-ins.
- And more! See [full list of features](https://www.audacityteam.org/about/features).
## Notes
**If the package is out of date please check [Version History](#versionhistory) for the latest submitted version. If you have a question, please ask it in [Chocolatey Community Package Discussions](https://github.com/chocolatey-community/chocolatey-packages/discussions) or raise an issue on the [Chocolatey Community Packages Repository](https://github.com/chocolatey-community/chocolatey-packages/issues) if you have problems with the package. Disqus comments will generally not be responded to.**