PT-2017-13595 · Xiph.Org +3 · Libvorbis +3

Name of the Vulnerable Software and Affected Versions: libvorbis version 1.3.5 Description: An out-of-bounds array read issue exists in the function mapping0 forward in mapping0.c. This may lead to a denial of service DoS when operating on a crafted audio file with vorbis analysis. Recommendation...

CVE-2007-3106

lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid 1 blocksize0 and 2 blocksize1 values, which trigger a "heap overwrite" in the 01inverse function in res0.c. NOTE...