2 matches found
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the startdecoder function, an attacker can execute arbitrary code by exploiting an integer overflow that leads to memory write past an allocated heap buffer. This is due to the potential integer overflow in...
UBUNTU-CVE-2023-45681
stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in startdecoder. The root cause is a potential integer overflow in sizeofchar f-commentlistlength which may make setupmalloc allocate less memory...