CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
95.3%
USN-611-1 fixed a vulnerability in Speex. This update provides the
corresponding update for ogg123, part of vorbis-tools.
Original advisory details:
It was discovered that Speex did not properly validate its input when
processing Speex file headers. If a user or automated system were
tricked into opening a specially crafted Speex file, an attacker could
create a denial of service in applications linked against Speex or
possibly execute arbitrary code as the user invoking the program.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.04 | noarch | vorbis-tools | <Β 1.1.1-15ubuntu0.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | vorbis-tools | <Β 1.1.1-13ubuntu0.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | vorbis-tools | <Β 1.1.1-6ubuntu0.1 | UNKNOWN |
Ubuntu | 6.06 | noarch | vorbis-tools | <Β 1.1.1-3ubuntu0.1 | UNKNOWN |