Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2009:1561
HistoryNov 09, 2009 - 6:11 p.m.

libvorbis security update

2009-11-0918:11:44
CentOS Project
lists.centos.org
49

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.254 Low

EPSS

Percentile

96.7%

JSON

CentOS Errata and Security Advisory CESA-2009:1561

The libvorbis packages contain runtime libraries for use in programs that
support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and
royalty-free, general-purpose compressed audio format.

Multiple flaws were found in the libvorbis library. A specially-crafted Ogg
Vorbis media format file (Ogg) could cause an application using libvorbis
to crash or, possibly, execute arbitrary code when opened. (CVE-2009-3379)

Users of libvorbis should upgrade to these updated packages, which contain
backported patches to correct these issues. The desktop must be restarted
(log out, then log back in) for this update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2009-November/078470.html
https://lists.centos.org/pipermail/centos-announce/2009-November/078471.html
https://lists.centos.org/pipermail/centos-announce/2009-November/078472.html
https://lists.centos.org/pipermail/centos-announce/2009-November/078473.html
https://lists.centos.org/pipermail/centos-announce/2009-November/078484.html
https://lists.centos.org/pipermail/centos-announce/2009-November/078485.html

Affected packages:
libvorbis
libvorbis-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2009:1561

Related

oraclelinux 1
veracode 1
openvas 34
redhat 1
nessus 19
freebsd 2
securityvulns 4
prion 1
fedora 2
cve 1
debiancve 1
ubuntu 1
debian 1
ubuntucve 1
mozilla 1
seebug 1
suse 1
gentoo 1
oraclelinux
oraclelinux
libvorbis security update
2009-11-09 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:42:52
openvas
openvas
RedHat Security Advisory RHSA-2009:1561
2009-11-11 00:00:00
CentOS Update for libvorbis CESA-2009:1561 centos3 i386
2011-08-09 00:00:00
Oracle: Security Advisory (ELSA-2009-1561)
2015-10-08 00:00:00
redhat
redhat
(RHSA-2009:1561) Important: libvorbis security update
2009-11-09 00:00:00
nessus
nessus
CentOS 3 / 4 / 5 : libvorbis (CESA-2009:1561)
2013-06-29 00:00:00
Scientific Linux Security Update : libvorbis on SL3.x, SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 3 / 4 / 5 : libvorbis (ELSA-2009-1561)
2013-07-12 00:00:00
freebsd
freebsd
libvorbis -- multiple vulnerabilities
2009-11-24 00:00:00
mozilla -- multiple vulnerabilities
2009-10-27 00:00:00
securityvulns
securityvulns
libvorbis library multiple security vulnerabilities
2009-11-25 00:00:00
[USN-861-1] libvorbis vulnerabilities
2009-11-25 00:00:00
Mozilla Foundation Security Advisory 2009-63
2009-10-28 00:00:00
prion
prion
Code injection
2009-10-29 14:30:00
fedora
fedora
[SECURITY] Fedora 10 Update: libvorbis-1.2.0-7.fc10
2009-11-10 17:43:32
[SECURITY] Fedora 11 Update: libvorbis-1.2.0-9.fc11
2009-11-10 17:52:37
cve
cve
CVE-2009-3379
2009-10-29 14:30:00
debiancve
debiancve
CVE-2009-3379
2009-10-29 14:30:00
ubuntu
ubuntu
libvorbis vulnerabilities
2009-11-24 00:00:00
debian
debian
[SECURITY] [DSA 1939-1] New libvorbis packages fix several vulnerabilities
2009-11-24 22:41:33
ubuntucve
ubuntucve
CVE-2009-3379
2009-10-29 00:00:00
mozilla
mozilla
Upgrade media libraries to fix memory safety bugs β€” Mozilla
2009-10-27 00:00:00
seebug
seebug
Mozilla Firefox倚δΈͺε†…ε­˜η ΄εζΌζ΄ž
2009-11-03 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-11-04 14:24:35
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.254 Low

EPSS

Percentile

96.7%

JSON
Related for CESA-2009:1561
oraclelinux1veracode1openvas34redhat1nessus19freebsd2securityvulns4prion1fedora2cve1debiancve1ubuntu1debian1ubuntucve1mozilla1seebug1suse1gentoo1