MiracleLinux 4 : firefox-52.7.2-1.0.1.AXS4 (AXSA:2018-2628:03)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2628:03 advisory. Mozilla: Vorbis audio processing out of bounds write MFSA 2018-08 CVE-2018-5146 Tenable has extracted the preceding description block directly from the...

MiracleLinux 4 : libvorbis-1.2.3-5.AXS4.1 (AXSA:2018-2651:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2651:01 advisory. Mozilla: Vorbis audio processing out of bounds write MFSA 2018-08 CVE-2018-5146 Tenable has extracted the preceding description block directly from the...

EUVD-2018-16933

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-5146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox 59.0.1, Firefox ES...

Mageia: Security Advisory (MGASA-2018-0203)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0783-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0850-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146...

Huawei EulerOS: Security Advisory for libvorbis (EulerOS-SA-2018-1155)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libvorbis (EulerOS-SA-2018-1105)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libvorbis (EulerOS-SA-2018-1104)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2018-1189)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2018-1118)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Open Source Libvorbis, Patch and Python-paramiko vulnerabilities affect IBM Netezza Host Management

Summary Open Source Libvorbis Patch and Python-paramiko is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-7750 DESCRIPTION: Paramiko could allow a remote attacker to bypass security restrictions, caused by...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libvorbis Vulnerability (NS-SA-2019-0026)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libvorbis packages installed that are affected by a vulnerability: - An out of bounds write flaw was found in the processing of vorbis audio data. A maliciously crafted file or audio stream could cause the application to...

NewStart CGSL MAIN 4.05 : libvorbis Vulnerability (NS-SA-2019-0122)

The remote NewStart CGSL host, running version MAIN 4.05, has libvorbis packages installed that are affected by a vulnerability: - An out of bounds write flaw was found in the processing of vorbis audio data. A maliciously crafted file or audio stream could cause the application to crash or,...

Fedora 29 : mingw-libvorbis (2019-2e385f97e2)

The remote Fedora 29 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2019-2e385f97e2 advisory. MinGW cross compiled libvorbis 1.3.6 + various patches backported from git. This is a security fix for: CVE-2017-11333 CVE-2017-11735 CVE-2017-14160...

Fedora 28 : 1:libvorbis (2018-def329f680)

libvorbis 1.3.6. Fixes CVE-2018-5146. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

UBUNTU-CVE-2018-5147

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR 52.7.2 and Firefox 59.0.1...

CVE-2018-5146

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox 59.0.1, Firefox ESR 52.7.2, and Thunderbird 52.7...