CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
92.2%
Paris Zoumpouloglou reports:
I discovered an integer overflow issue in oggenc,
related to the number of channels in the input WAV file.
The issue triggers an out-of-bounds memory access which
causes oggenc to crash.
Paris Zoumpouloglou reports:
A crafted WAV file with number of channels set to 0
will cause oggenc to crash due to a division by zero
issue.
pengsu reports:
I discovered an buffer overflow issue in oggenc/audio.c
when it tries to open invalid aiff file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | vorbis-tools | < 1.4.0_10,3 | UNKNOWN |
FreeBSD | any | noarch | opus-tools | < 0.1.9_2 | UNKNOWN |