Sep 29, 2015 - 9:09 a.m.

[SECURITY] [DLA 317-1] vorbis-tools security update

2015-09-29 09:09:26
lists.debian.org

CVSS2: 5 Medium (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

EPSS: 0.024 Low (Percentile: 89.9%)

Package : vorbis-tools
Version : 1.4.0-1+deb6u1
CVE ID : CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749
Debian Bug : #771363 #797461 #776086

Various issues have been fixed in Debian LTS (squeeze) for package
vorbis-tools.

CVE-2014-9638

A crafted WAV file with the number of channels set to 0 will cause oggenc
to crash due to a division by zero issue. This issue has been fixed
upstream by providing a fix for CVE-2014-9639. Reported upstream by
"zuBux".

CVE-2014-9639

An integer overflow issue was discovered in oggenc, related to the
number of channels in the input WAV file. The issue triggers an
out-of-bounds memory access which causes oggenc to crash (in
audio.c). Reported upstream by "zuBux".

The upstream fix for this has been backported to vorbis-tools in
Debian LTS (squeeze).

CVE-2014-9640

Fix for a crash on closing raw input (dd if=/dev/zero bs=1 count=1 |
oggenc -r - -o out.ogg). Reported upstream by "hanno".

The upstream fix for this has been backported to vorbis-tools in
Debian LTS (squeeze).

CVE-2015-6749

Buffer overflow in the aiff_open function in oggenc/audio.c in
vorbis-tools 1.4.0 and earlier allowed remote attackers to cause a
denial of service (crash) via a crafted AIFF file. Reported upstream
by "pengsu".

The upstream fix for this has been backported to vorbis-tools in
Debian LTS (squeeze).

--

mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: [email protected], http://sunweavers.net
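
The bug class behind CVE-2014-9638 and CVE-2014-9639, shown as an added example that is not the upstream oggenc patch and not code from this advisory: validate the WAV channel count before dividing by it or multiplying it into a buffer size. The function name, result codes, the MAX_CHANNELS cap and the float decode buffer are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Result codes for this added example (names are hypothetical). */
enum { WAV_OK = 0, WAV_SHORT = -1, WAV_BAD_CHANNELS = -2,
       WAV_BAD_DEPTH = -3, WAV_TOO_BIG = -4 };

#define MAX_CHANNELS 255u  /* assumed policy limit, not from the advisory */

/* Read a little-endian 16-bit field. */
static uint16_t le16(const unsigned char *p) {
    return (uint16_t)(p[0] | (p[1] << 8));
}

/*
 * Validate the 16-byte PCM "fmt " chunk body, then compute without
 * wrapping: the number of whole frames in `data_bytes` of sample data,
 * and the bytes needed for a buffer of `frames` float samples per channel.
 */
int wav_check_fmt(const unsigned char *fmt, size_t len, uint32_t data_bytes,
                  size_t frames, size_t *buf_bytes, uint32_t *total_frames)
{
    if (len < 16) return WAV_SHORT;
    uint16_t channels = le16(fmt + 2);   /* nChannels */
    uint16_t bits     = le16(fmt + 14);  /* wBitsPerSample */

    /* channels == 0 would make the divisor below zero. */
    if (channels == 0 || channels > MAX_CHANNELS) return WAV_BAD_CHANNELS;
    if (bits == 0 || bits % 8 != 0 || bits > 32) return WAV_BAD_DEPTH;

    uint32_t frame_bytes = (uint32_t)channels * (bits / 8u); /* <= 255 * 4 */
    *total_frames = data_bytes / frame_bytes;  /* divisor proven non-zero */

    /* Checked multiply: frames * channels * sizeof(float). */
    size_t per_frame = (size_t)channels * sizeof(float);
    if (frames > SIZE_MAX / per_frame) return WAV_TOO_BIG;
    *buf_bytes = frames * per_frame;
    return WAV_OK;
}
```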
