9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.068 Low
EPSS
Percentile
93.8%
Secunia reports:
A vulnerability has been reported in vorbis-tools,
which can potentially be exploited by malicious people
to compromise a userβs system.
The vulnerability is caused due to an input validation
error when processing Speex headers, which can be
exploited via a specially crafted Speex stream containing
a negative βmodeIDβ field in the header.
Successful exploitation may allow execution of arbitrary
code.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | vorbis-tools | <Β 1.2.0_2,3 | UNKNOWN |