20 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-9640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file. CVE-2014-9640 Note that...
RHEL 6 : vorbis-tools (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vorbis-tools: segfault when trying to encode trivial raw input CVE-2014-9640 - vorbis-tools: Invalid memo...
Debian: Security Advisory (DLA-317-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0051)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0367-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1010-1 : vorbis-tools security update
vorbis-tools is vulnerable to multiple issues that can result in denial of service. CVE-2014-9638 Divide by zero error in oggenc with a WAV file whose number of channels is set to zero. CVE-2014-9639 Integer overflow in oggenc via a crafted number of channels in a WAV file, which triggers an...
[SECURITY] [DLA 1010-1] vorbis-tools security update
Package : vorbis-tools Version : 1.4.0-1+deb7u1 CVE ID : CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749 Debian Bug : 797461 776086 771363 vorbis-tools is vulnerable to multiple issues that can result in denial of service. CVE-2014-9638 Divide by zero error in oggenc with a WAV file whose...
Debian DLA-317-1 : vorbis-tools security update
Various issues have been fixed in Debian LTS squeeze for package vorbis-tools. CVE-2014-9638 A crafted WAV file with number of channels set to 0 will cause oggenc to crash due to a division by zero issue. This issue has been fixed upstream by providing a fix for CVE-2014-9639. Reported upstream b...
[SECURITY] [DLA 317-1] vorbis-tools security update
Package : vorbis-tools Version : 1.4.0-1+deb6u1 CVE ID : CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749 Debian Bug : 771363 797461 776086 Various issues have been fixed in Debian LTS squeeze for package vorbis-tools. CVE-2014-9638 A crafted WAV file with number of channels set to 0 will...
DLA-317-1 vorbis-tools - security update
Bulletin has no description...
SUSE SLED12 / SLES12 Security Update : vorbis-tools (SUSE-SU-2015:0367-1)
This update fixes the following security issue : - A crafted raw file used as input could cause a segmentation fault CVE-2014-9640, bsc914938 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
openSUSE Security Update : vorbis-tools (openSUSE-2015-114)
vorbis-tools was updated to fix one security issue. This security issue was fixed : - Segfault when trying to encode trivial raw input CVE-2014-9640. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...
Fedora 20 : vorbis-tools-1.4.0-13.fc20 (2015-1191)
do not use stack variable out of its scope of validity CVE-2014-9640 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora Update for vorbis-tools FEDORA-2015-1253
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : vorbis-tools-1.4.0-18.fc21 (2015-1253)
do not use stack variable out of its scope of validity CVE-2014-9640 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
SUSE-SU-2015:0367-1 Security update for vorbis-tools
This update fixes the following security issue: - A crafted raw file used as input could cause a segmentation fault CVE-2014-9640, bsc914938...
CVE-2014-9640
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file...
CVE-2014-9640
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file...
CVE-2014-9640
CVE-2014-9640 affects vorbis-tools 1.4.0, specifically oggenc/oggenc.c. The vulnerability is an out-of-bounds read triggered by a crafted raw file, enabling a remote attacker to cause a denial of service. Multiple distributions reference this issue and provide patches/upstream fixes (e.g., Debian...
CVE-2014-9640
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file...