Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-2009HistoryMay 16, 2008 - 12:54 p.m.
CVE-2008-2009
2008-05-1612:54:00
Debian Security Bug Tracker
security-tracker.debian.org
8
0.031 Low
EPSS
Percentile
91.0%
Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libvorbis | < 1.2.0.dfsg-4 | libvorbis_1.2.0.dfsg-4_all.deb |
| Debian | 11 | all | libvorbis | < 1.2.0.dfsg-4 | libvorbis_1.2.0.dfsg-4_all.deb |
| Debian | 10 | all | libvorbis | < 1.2.0.dfsg-4 | libvorbis_1.2.0.dfsg-4_all.deb |
| Debian | 999 | all | libvorbis | < 1.2.0.dfsg-4 | libvorbis_1.2.0.dfsg-4_all.deb |
| Debian | 13 | all | libvorbis | < 1.2.0.dfsg-4 | libvorbis_1.2.0.dfsg-4_all.deb |
| Debian | 12 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 11 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 10 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 999 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 13 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2008-2009
2008-05-16 00:00:00
cve
cve
CVE-2008-2009
2008-05-16 12:54:00
cvelist
cvelist
CVE-2008-2009
2008-05-16 06:54:00
prion
prion
Memory corruption
2008-05-16 12:54:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:23:05
securityvulns
securityvulns
libvorbis library multiple security vulnerabilities
2009-11-25 00:00:00
[USN-861-1] libvorbis vulnerabilities
2009-11-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-861-1)
2009-12-03 00:00:00
Ubuntu USN-861-1 (libvorbis)
2009-12-03 00:00:00
CentOS Update for libvorbis CESA-2008:0271-01 centos2 i386
2009-02-27 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : libvorbis vulnerabilities (USN-861-1)
2009-11-25 00:00:00
RHEL 2.1 : libvorbis (RHSA-2008:0271)
2008-05-16 00:00:00
ubuntu
ubuntu
libvorbis vulnerabilities
2009-11-24 00:00:00
redhat
redhat
(RHSA-2008:0271) Important: libvorbis security update
2008-05-14 00:00:00
centos
centos
libvorbis security update
2008-05-16 03:59:20
freebsd
freebsd
libtremor -- multiple vulnerabilities
2008-03-19 00:00:00