9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.042 Low
EPSS
Percentile
92.1%
Red Hat reports:
Will Drewry of the Google Security Team reported several
flaws in the way libvorbis processed audio data. An
attacker could create a carefully crafted [Vorbis] audio file
in such a way that it could cause an application linked
with libvorbis to crash, or execute arbitrary code when
it was opened.