20 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-9638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service divide-by-zero error and crash via a WAV file with the number of channels set ...
RHEL 6 : vorbis-tools (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vorbis-tools: segfault when trying to encode trivial raw input CVE-2014-9640 - vorbis-tools: Invalid memo...
Debian: Security Advisory (DLA-317-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-9638 affecting package vorbis-tools for versions less than 1.4.0-35
CVE-2014-9638 affecting package vorbis-tools for versions less than 1.4.0-35. A patched version of the package is available...
CVE-2014-9638 affecting package vorbis-tools for versions less than 1.4.0-35
CVE-2014-9638 affecting package vorbis-tools for versions less than 1.4.0-35. A patched version of the package is available...
Debian DLA-1010-1 : vorbis-tools security update
vorbis-tools is vulnerable to multiple issues that can result in denial of service. CVE-2014-9638 Divide by zero error in oggenc with a WAV file whose number of channels is set to zero. CVE-2014-9639 Integer overflow in oggenc via a crafted number of channels in a WAV file, which triggers an...
[SECURITY] [DLA 1010-1] vorbis-tools security update
Package : vorbis-tools Version : 1.4.0-1+deb7u1 CVE ID : CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749 Debian Bug : 797461 776086 771363 vorbis-tools is vulnerable to multiple issues that can result in denial of service. CVE-2014-9638 Divide by zero error in oggenc with a WAV file whose...
Debian DLA-317-1 : vorbis-tools security update
Various issues have been fixed in Debian LTS squeeze for package vorbis-tools. CVE-2014-9638 A crafted WAV file with number of channels set to 0 will cause oggenc to crash due to a division by zero issue. This issue has been fixed upstream by providing a fix for CVE-2014-9639. Reported upstream b...
[SECURITY] [DLA 317-1] vorbis-tools security update
Package : vorbis-tools Version : 1.4.0-1+deb6u1 CVE ID : CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749 Debian Bug : 771363 797461 776086 Various issues have been fixed in Debian LTS squeeze for package vorbis-tools. CVE-2014-9638 A crafted WAV file with number of channels set to 0 will...
DLA-317-1 vorbis-tools - security update
Bulletin has no description...
SUSE SLED12 / SLES12 Security Update : vorbis-tools (SUSE-SU-2015:1014-1)
Vorbis tools was updated to fix division by zero and integer overflows by crafted WAV files CVE-2014-9638, CVE-2014-9639, bnc914439, bnc914441, that would allow attackers to crash the vorbis tools processes. Note that Tenable Network Security has extracted the preceding description block directly...
openSUSE Security Update : vorbis-tools (openSUSE-2015-239)
vorbis-tools was updated to fix division by zero and integer overflow by crafted WAV files CVE-2014-9638, CVE-2014-9639, bnc914439, bnc914441. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Updated vorbis-tools packages fix security vulnerabilities
Updated vorbis-tools package fixes security vulnerabilities: oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service divide-by-zero error and crash via a WAV file with the number of channels set to zero CVE-2014-9638. Integer overflow in oggenc in vorbis-tools 1.4.0 allo...
Fedora 20 : vorbis-tools-1.4.0-14.fc20 (2015-2330)
validate count of channels in the header CVE-2014-9638 and CVE-2014-9639 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 21 : vorbis-tools-1.4.0-19.fc21 (2015-2335)
validate count of channels in the header CVE-2014-9638 and CVE-2014-9639 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora Update for vorbis-tools FEDORA-2015-2335
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-9638
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service divide-by-zero error and crash via a WAV file with the number of channels set to zero...
CVE-2014-9638
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service divide-by-zero error and crash via a WAV file with the number of channels set to zero...
CVE-2014-9638
CVE-2014-9638 affects vorbis-tools 1.4.0 oggenc: processing a WAV with channels set to zero causes a division-by-zero crash. CVE-2014-9639 is an integer overflow in oggenc via crafted channel counts, triggering out-of-bounds memory access. CVE-2014-9640 is an out-of-bounds read in oggenc via craf...
CVE-2014-9638
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service divide-by-zero error and crash via a WAV file with the number of channels set to zero...