An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | libstb | < 0.0~git20190817.1.052dce1-1 | libstb_0.0~git20190817.1.052dce1-1_all.deb |
Debian | 11 | all | libstb | < 0.0~git20190817.1.052dce1-1 | libstb_0.0~git20190817.1.052dce1-1_all.deb |
Debian | 10 | all | libstb | < 0.0~git20180212.15.e6afb9c-1+deb10u1 | libstb_0.0~git20180212.15.e6afb9c-1+deb10u1_all.deb |
Debian | 999 | all | libstb | < 0.0~git20190817.1.052dce1-1 | libstb_0.0~git20190817.1.052dce1-1_all.deb |
Debian | 13 | all | libstb | < 0.0~git20190817.1.052dce1-1 | libstb_0.0~git20190817.1.052dce1-1_all.deb |