SUSE CVE-2007-4029

libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service via 1 an invalid mapping type, which triggers an out-of-bounds read in the vorbisinfoclear function in info.c, and 2 invalid blocksize values that trigger a segmentation faul...

Oracle: Security Advisory (ELSA-2007-0845)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : libvorbis on SL5.x, SL4.x, SL3.x i386/x86_64

Several flaws were found in the way libvorbis processed audio data. An attacker could create a carefully crafted OGG audio file in such a way that it could cause an application linked with libvorbis to crash or execute arbitrary code when it was opened. CVE-2007-3106, CVE-2007-4029, CVE-2007-4065...

SLES10: Security update for libvorbis

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libvorbis libvorbis-devel More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references...

SuSE9 Security Update : libvorbis (YOU Patch Number 11932)

Specially crafted OGG files could crash libvorbis or make it run into an endless loop. CVE-2007-4029, CVE-2007-4065, CVE-2007-4066 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Mandriva Update for libvorbis MDKSA-2007:167 (libvorbis)

Check for the Version of libvorbis OpenVAS Vulnerability Test Mandriva Update for libvorbis MDKSA-2007:167 libvorbis Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

Gentoo Security Advisory GLSA 200710-03 (libvorbis)

The remote host is missing updates announced in advisory GLSA 200710-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

SuSE 10 Security Update : libvorbis (ZYPP Patch Number 4584)

Specially crafted OGG files could crash libvorbis or make it run into an endless loop. CVE-2007-4029 / CVE-2007-4065 / CVE-2007-4066 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

openSUSE 10 Security Update : libvorbis (libvorbis-4583)

Specially crafted OGG files could crash libvorbis or make it run into an endless loop CVE-2007-4029, CVE-2007-4065, CVE-2007-4066. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libvorbis-458...

libvorbis security update

CentOS Errata and Security Advisory CESA-2007:0912-01 Updated libvorbis packages to correct several security issues are now available for Red Hat Enterprise Linux 2.1 This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis package contai...

RHEL 2.1 : libvorbis (RHSA-2007:0912)

Updated libvorbis packages to correct several security issues are now available for Red Hat Enterprise Linux 2.1 This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis package contains runtime libraries for use in programs that support...

Important: Red Hat Security Advisory: libvorbis security update

Updated libvorbis packages to correct several security issues are now available for Red Hat Enterprise Linux 2.1 This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis package contains runtime libraries for use in programs that support...

RHEL 3 / 4 / 5 : libvorbis (RHSA-2007:0845)

Updated libvorbis packages to correct several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis package contains runtime libraries for use in programs that...

CentOS 3 / 4 / 5 : libvorbis (CESA-2007:0845)

Updated libvorbis packages to correct several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis package contains runtime libraries for use in programs that...

libvorbis security update

CentOS Errata and Security Advisory CESA-2007:0845 Updated libvorbis packages to correct several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis package...

Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)

lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attackers to cause a denial of service infinite loop via a crafted OGG file, aka trac Changeset 13217...

CVE-2007-4029

CVE-2007-4029 affects libvorbis (1.1.2 and possibly earlier, up to 1.2.0) and can be exploited by processing crafted OGG data to cause a crash or DoS. The issue arises from (1) an invalid mapping type triggering an out-of-bounds read in vorbis_info_clear (info.c) and (2) invalid blocksize values ...

Heap overflow

lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid 1 blocksize0 and 2 blocksize1 values, which trigger a "heap overwrite" in the 01inverse function in res0.c. NOTE...

CVE-2007-3106

lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid 1 blocksize0 and 2 blocksize1 values, which trigger a "heap overwrite" in the 01inverse function in res0.c. NOTE...

CVE-2007-3106

lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid 1 blocksize0 and 2 blocksize1 values, which trigger a "heap overwrite" in the 01inverse function in res0.c. NOTE...