16 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-9639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service crash via a crafted number of channels in a WAV file, whic...
Debian: Security Advisory (DLA-317-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-9639 affecting package vorbis-tools for versions less than 1.4.0-35
CVE-2014-9639 affecting package vorbis-tools for versions less than 1.4.0-35. A patched version of the package is available...
Debian DLA-1010-1 : vorbis-tools security update
vorbis-tools is vulnerable to multiple issues that can result in denial of service. CVE-2014-9638 Divide by zero error in oggenc with a WAV file whose number of channels is set to zero. CVE-2014-9639 Integer overflow in oggenc via a crafted number of channels in a WAV file, which triggers an...
[SECURITY] [DLA 1010-1] vorbis-tools security update
Package : vorbis-tools Version : 1.4.0-1+deb7u1 CVE ID : CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749 Debian Bug : 797461 776086 771363 vorbis-tools is vulnerable to multiple issues that can result in denial of service. CVE-2014-9638 Divide by zero error in oggenc with a WAV file whose...
Debian DLA-317-1 : vorbis-tools security update
Various issues have been fixed in Debian LTS squeeze for package vorbis-tools. CVE-2014-9638 A crafted WAV file with number of channels set to 0 will cause oggenc to crash due to a division by zero issue. This issue has been fixed upstream by providing a fix for CVE-2014-9639. Reported upstream b...
[SECURITY] [DLA 317-1] vorbis-tools security update
Package : vorbis-tools Version : 1.4.0-1+deb6u1 CVE ID : CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749 Debian Bug : 771363 797461 776086 Various issues have been fixed in Debian LTS squeeze for package vorbis-tools. CVE-2014-9638 A crafted WAV file with number of channels set to 0 will...
DLA-317-1 vorbis-tools - security update
Bulletin has no description...
SUSE SLED12 / SLES12 Security Update : vorbis-tools (SUSE-SU-2015:1014-1)
Vorbis tools was updated to fix division by zero and integer overflows by crafted WAV files CVE-2014-9638, CVE-2014-9639, bnc914439, bnc914441, that would allow attackers to crash the vorbis tools processes. Note that Tenable Network Security has extracted the preceding description block directly...
openSUSE Security Update : vorbis-tools (openSUSE-2015-239)
vorbis-tools was updated to fix division by zero and integer overflow by crafted WAV files CVE-2014-9638, CVE-2014-9639, bnc914439, bnc914441. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Updated vorbis-tools packages fix security vulnerabilities
Updated vorbis-tools package fixes security vulnerabilities: oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service divide-by-zero error and crash via a WAV file with the number of channels set to zero CVE-2014-9638. Integer overflow in oggenc in vorbis-tools 1.4.0 allo...
Fedora 20 : vorbis-tools-1.4.0-14.fc20 (2015-2330)
validate count of channels in the header CVE-2014-9638 and CVE-2014-9639 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 21 : vorbis-tools-1.4.0-19.fc21 (2015-2335)
validate count of channels in the header CVE-2014-9638 and CVE-2014-9639 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora Update for vorbis-tools FEDORA-2015-2335
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-9639
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service crash via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access...
CVE-2014-9639
CVE-2014-9639 affects vorbis-tools (og genc) when processing WAV input: an integer overflow triggered by a crafted number of channels can cause out-of-bounds memory access and crash (DoS). The issue is reported for vorbis-tools 1.4.0; several advisories note that patched versions are available (u...