Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-1423HistoryMay 16, 2008 - 12:54 p.m.
CVE-2008-1423
2008-05-1612:54:00
Debian Security Bug Tracker
security-tracker.debian.org
9
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.027 Low
EPSS
Percentile
90.4%
Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libvorbis | <Β 1.2.0.dfsg-3.1 | libvorbis_1.2.0.dfsg-3.1_all.deb |
| Debian | 11 | all | libvorbis | <Β 1.2.0.dfsg-3.1 | libvorbis_1.2.0.dfsg-3.1_all.deb |
| Debian | 10 | all | libvorbis | <Β 1.2.0.dfsg-3.1 | libvorbis_1.2.0.dfsg-3.1_all.deb |
| Debian | 999 | all | libvorbis | <Β 1.2.0.dfsg-3.1 | libvorbis_1.2.0.dfsg-3.1_all.deb |
| Debian | 13 | all | libvorbis | <Β 1.2.0.dfsg-3.1 | libvorbis_1.2.0.dfsg-3.1_all.deb |
| Debian | 12 | all | libvorbisidec | <Β 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 11 | all | libvorbisidec | <Β 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 10 | all | libvorbisidec | <Β 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 999 | all | libvorbisidec | <Β 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 13 | all | libvorbisidec | <Β 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
Related
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:23:05
prion
prion
Integer overflow
2008-05-16 12:54:00
ubuntucve
ubuntucve
CVE-2008-1423
2008-05-16 00:00:00
cve
cve
CVE-2008-1423
2008-05-16 12:54:00
openvas
openvas
RedHat Update for libvorbis RHSA-2008:0270-01
2009-03-06 00:00:00
Mandriva Update for libvorbis MDVSA-2008:102 (libvorbis)
2009-04-09 00:00:00
RedHat Update for libvorbis RHSA-2008:0270-01
2009-03-06 00:00:00
nessus
nessus
SuSE 10 Security Update : libvorbis (ZYPP Patch Number 5259)
2008-05-29 00:00:00
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : libvorbis vulnerabilities (USN-682-1)
2009-04-23 00:00:00
Fedora 7 : libvorbis-1.1.2-4.fc7 (2008-3898)
2008-05-16 00:00:00
centos
centos
libvorbis security update
2008-05-14 12:52:45
libvorbis security update
2008-05-16 03:59:20
seebug
seebug
libvorbisε€δΈͺηΌε²εΊζΊ’εΊζΌζ΄
2008-05-17 00:00:00
osv
osv
libvorbis - several vulnerabilities
2008-06-03 00:00:00
redhat
redhat
(RHSA-2008:0270) Important: libvorbis security update
2008-05-14 00:00:00
(RHSA-2008:0271) Important: libvorbis security update
2008-05-14 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: libvorbis-1.2.0-2.fc8
2008-05-14 22:08:15
[SECURITY] Fedora 9 Update: libvorbis-1.2.0-4.fc9
2008-05-14 22:10:23
[SECURITY] Fedora 7 Update: libvorbis-1.1.2-4.fc7
2008-05-14 22:08:55
securityvulns
securityvulns
[SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities
2008-06-04 00:00:00
libvorbis multiple security vulnerabilities
2009-08-25 00:00:00
freebsd
freebsd
libvorbis -- various security issues
2008-05-14 00:00:00
libtremor -- multiple vulnerabilities
2008-03-19 00:00:00
oraclelinux
oraclelinux
libvorbis security update
2008-05-14 00:00:00
ubuntu
ubuntu
libvorbis vulnerabilities
2008-12-01 00:00:00
debian
debian
[SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities
2008-06-03 11:30:58
gentoo
gentoo
libvorbis: Multiple vulnerabilities
2008-06-23 00:00:00
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.027 Low
EPSS
Percentile
90.4%
Related for DEBIANCVE:CVE-2008-1423