14 matches found
MiracleLinux 3 : libvorbis-1.1.2-3.3.1AXS3 (AXSA:2009-385:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-385:01 advisory. The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and...
EUVD-2008-2007
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-21723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause ...
Linux Distros Unpatched Vulnerability : CVE-2020-21724
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in ExtractorInformation function in streamExtractor.cpp in oggvideotools 0.9.1 allows remaote attackers to run arbitrary code via...
Sourceforge Ogg Video Tools 缓冲区错误漏洞
Sourceforge Ogg Video Tools is a Sourceforge open source toolkit for manipulating and creating Ogg video files. A security vulnerability exists in Sourceforge Ogg Video Tools version 0.9.1, which stems from the presence of a buffer overflow vulnerability that allows remote attackers to execute...
Sourceforge Ogg Video Tools 资源管理错误漏洞
Sourceforge Ogg Video Tools is a Sourceforge open source toolkit for manipulating and creating Ogg video files. A security vulnerability exists in Sourceforge Ogg Video Tools version 0.9.1, which stems from the presence of a buffer overflow vulnerability. An attacker can exploit the vulnerability...
SUSE CVE-2020-20412
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146...
CVE-2011-3005
Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted OGG headers in a .ogg file...
SuSE9 Security Update : libvorbis (YOU Patch Number 11932)
Specially crafted OGG files could crash libvorbis or make it run into an endless loop. CVE-2007-4029, CVE-2007-4065, CVE-2007-4066 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
DEBIAN-CVE-2009-2663
libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted .ogg file...
DEBIAN-CVE-2008-2009
Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service crash via a crafted OGG file that triggers memory corruption during execution of the makedecodetree function...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. Integer overflow in residue partition value aka partvals evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow...
Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)
Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.ex...
CVE-2007-4066
Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.ex...