Debian Linux Security Advisory 1972-1 – Max Kellermann discovered a heap-based buffer overflow in the handling of ADPCM WAV files in libaudiofile. This flaw could result in a denial of service (application crash) or possibly execution of arbitrary code via a crafted WAV file.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/85288/dsa-1972-1.txt
Source: https://packetstormsecurity.com/files/85288/Debian-Linux-Security-Advisory-1972-1.html