Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2018-0649
HistoryApr 05, 2018 - 12:00 a.m.

libvorbis security update

2018-04-0500:00:00
linux.oracle.com
22

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.875 High

EPSS

Percentile

98.3%

JSON

[1.2.3-5.1]

  • Backport fix for CVE-2018-5146
    [1.2.3-5]
  • fix CVE-2012-0444 (#787077)
OSVersionArchitecturePackageVersionFilename
oracle linux6srclibvorbis< 1.2.3-5.el6_9.1libvorbis-1.2.3-5.el6_9.1.src.rpm
oracle linux6i686libvorbis< 1.2.3-5.el6_9.1libvorbis-1.2.3-5.el6_9.1.i686.rpm
oracle linux6i686libvorbis-devel< 1.2.3-5.el6_9.1libvorbis-devel-1.2.3-5.el6_9.1.i686.rpm
oracle linux6noarchlibvorbis-devel-docs< 1.2.3-5.el6_9.1libvorbis-devel-docs-1.2.3-5.el6_9.1.noarch.rpm
oracle linux6srclibvorbis< 1.2.3-5.el6_9.1libvorbis-1.2.3-5.el6_9.1.src.rpm
oracle linux6i686libvorbis< 1.2.3-5.el6_9.1libvorbis-1.2.3-5.el6_9.1.i686.rpm
oracle linux6x86_64libvorbis< 1.2.3-5.el6_9.1libvorbis-1.2.3-5.el6_9.1.x86_64.rpm
oracle linux6i686libvorbis-devel< 1.2.3-5.el6_9.1libvorbis-devel-1.2.3-5.el6_9.1.i686.rpm
oracle linux6x86_64libvorbis-devel< 1.2.3-5.el6_9.1libvorbis-devel-1.2.3-5.el6_9.1.x86_64.rpm
oracle linux6noarchlibvorbis-devel-docs< 1.2.3-5.el6_9.1libvorbis-devel-docs-1.2.3-5.el6_9.1.noarch.rpm

Related

nessus 59
checkpoint_advisories 2
redhat 4
fedora 5
suse 3
securityvulns 3
ubuntucve 3
openvas 57
debian 9
freebsd 2
centos 4
zdi 2
cve 4
prion 4
debiancve 3
mozilla 2
ubuntu 3
veracode 3
oraclelinux 3
amazon 3
osv 8
alpinelinux 1
mageia 1
android 1
redhatcve 1
ibm 2
cloudfoundry 1
archlinux 3
kaspersky 2
slackware 1
nessus
nessus
OracleVM 3.4 : libvorbis (OVMSA-2018-0030)
2018-04-10 00:00:00
OracleVM 3.3 : libvorbis (OVMSA-2018-0031)
2018-04-10 00:00:00
openSUSE Security Update : libvorbis (openSUSE-2012-141)
2014-06-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Multiple Products Ogg Vorbis Decoding Memory Corruption (CVE-2012-0444)
2012-05-14 00:00:00
Mozilla Firefox Vorbis Audio Residue Codebook Out of Bounds Write (CVE-2018-5146)
2018-05-14 00:00:00
redhat
redhat
(RHSA-2012:0136) Important: libvorbis security update
2012-02-15 00:00:00
(RHSA-2018:0649) Important: libvorbis security update
2018-04-05 19:03:13
(RHSA-2018:1058) Important: libvorbis security update
2018-04-10 08:05:03
fedora
fedora
[SECURITY] Fedora 16 Update: libvorbis-1.3.3-1.fc16
2012-02-17 00:57:43
[SECURITY] Fedora 26 Update: libvorbis-1.3.6-1.fc26
2018-03-27 19:31:39
[SECURITY] Fedora 28 Update: libvorbis-1.3.6-1.fc28
2018-03-30 13:35:33
suse
suse
Security update for libvorbis (important)
2012-03-06 23:08:25
libvorbis: fixed a heap based buffer overflow (important)
2012-03-01 23:08:28
Security update for MozillaFirefox (important)
2018-03-18 15:11:21
securityvulns
securityvulns
libvorbis library buffer overflow
2012-02-22 00:00:00
[SECURITY] [DSA 2412-1] libvorbis security update
2012-02-22 00:00:00
Mozilla Foundation Security Advisory 2012-07
2012-02-03 00:00:00
ubuntucve
ubuntucve
CVE-2012-0444
2012-02-01 00:00:00
CVE-2018-5146
2018-03-16 00:00:00
CVE-2018-5147
2018-06-11 00:00:00
openvas
openvas
Fedora Update for libvorbis FEDORA-2012-1652
2012-03-19 00:00:00
CentOS Update for libvorbis CESA-2012:0136 centos6
2012-07-30 00:00:00
RedHat Update for libvorbis RHSA-2012:0136-01
2012-02-21 00:00:00
debian
debian
[SECURITY] [DSA 2412-1] libvorbis security update
2012-02-19 20:23:13
[SECURITY] [DSA 4140-1] libvorbis security update
2018-03-16 19:50:51
[SECURITY] [DSA 4140-1] libvorbis security update
2018-03-16 19:50:51
freebsd
freebsd
libtremor -- memory corruption
2012-01-31 00:00:00
mozilla -- multiple vulnerabilities
2018-03-16 00:00:00
centos
centos
libvorbis security update
2012-02-15 09:08:27
firefox security update
2018-03-20 16:39:22
libvorbis security update
2018-04-09 23:35:22
zdi
zdi
Mozilla Firefox Ogg Vorbis Decoding Memory Corruption Remote Code Execution Vulnerability
2012-04-09 00:00:00
(Pwn2Own) Mozilla Firefox libvorbis OGG Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability
2018-03-23 00:00:00
cve
cve
CVE-2012-0444
2012-02-01 16:55:00
CVE-2018-5146
2018-06-11 21:29:00
CVE-2020-20412
2020-12-26 04:15:00
prion
prion
Memory corruption
2012-02-01 16:55:00
Design/Logic Flaw
2018-06-11 21:29:00
Code injection
2018-06-11 21:29:00
debiancve
debiancve
CVE-2012-0444
2012-02-01 16:55:00
CVE-2018-5146
2018-06-11 21:29:00
CVE-2018-5147
2018-06-11 21:29:00
mozilla
mozilla
Potential Memory Corruption When Decoding Ogg Vorbis files — Mozilla
2012-01-31 00:00:00
Out of bounds memory write while processing Vorbis audio data — Mozilla
2018-03-16 00:00:00
ubuntu
ubuntu
libvorbis vulnerability
2012-02-20 00:00:00
Firefox vulnerability
2018-03-16 00:00:00
libvorbis vulnerability
2018-03-22 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:07:20
Denial Of Service (DoS) Through Out-of-Bounds Write
2019-01-15 09:22:28
Denial Of Service (DoS) Through Out-of-Bounds Write
2018-04-25 09:40:14
oraclelinux
oraclelinux
libvorbis security update
2012-02-15 00:00:00
firefox security update
2018-03-19 00:00:00
libvorbis security update
2018-04-17 00:00:00
amazon
amazon
Important: libvorbis
2012-03-04 16:07:00
Critical: libvorbis
2018-03-22 22:02:00
Critical: libvorbis
2018-04-05 15:57:00
osv
osv
CVE-2018-5146
2018-06-11 21:29:00
libvorbis - security update
2018-03-16 00:00:00
firefox-esr - security update
2018-03-27 00:00:00
alpinelinux
alpinelinux
CVE-2018-5146
2018-06-11 21:29:00
mageia
mageia
Updated libvorbis packages fix security vulnerability
2018-03-19 15:13:14
android
android
CVE-2018-5146
2018-06-01 00:00:00
redhatcve
redhatcve
CVE-2018-5146
2018-03-16 17:48:59
ibm
ibm
Security Bulletin: A vulnerability in libvorbis affects PowerKVM
2018-07-07 00:01:25
Security Bulletin: Open Source Libvorbis, Patch and Python-paramiko vulnerabilities affect IBM Netezza Host Management
2019-10-18 03:36:34
cloudfoundry
cloudfoundry
USN-3604-1: libvorbis vulnerability | Cloud Foundry
2018-05-02 00:00:00
archlinux
archlinux
[ASA-201803-13] firefox: arbitrary code execution
2018-03-18 00:00:00
[ASA-201803-21] lib32-libvorbis: multiple issues
2018-03-19 00:00:00
[ASA-201803-12] libvorbis: multiple issues
2018-03-16 00:00:00
kaspersky
kaspersky
KLA11595 SB vulnerabilities in Mozilla Firefox ESR
2018-03-16 00:00:00
KLA11594 SB vulnerabilities in Mozilla Firefox
2018-03-16 00:00:00
slackware
slackware
[slackware-security] libvorbis
2018-03-18 04:31:27

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.875 High

EPSS

Percentile

98.3%

JSON
Related for ELSA-2018-0649
nessus59checkpoint_advisories2redhat4fedora5suse3securityvulns3ubuntucve3openvas57debian9freebsd2centos4zdi2cve4prion4debiancve3mozilla2ubuntu3veracode3oraclelinux3amazon3osv8alpinelinux1mageia1android1redhatcve1ibm2cloudfoundry1archlinux3kaspersky2slackware1