Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
CPE | Name | Operator | Version |
---|---|---|---|
ubuntu_linux | eq | 16.04 | |
ubuntu_linux | eq | 17.10 | |
ubuntu_linux | eq | 14.04 | |
debian_linux | eq | 7.0 | |
debian_linux | eq | 9.0 | |
libvorbis | eq | 1.3.5 |