MiracleLinux 3 : libvorbis-1.1.2-3.3.1AXS3 (AXSA:2009-385:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-385:01 advisory. The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and...

MiracleLinux 3 : libvorbis-1.1.2-3.6.0.1.AXS3 (AXSA:2012-272:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-272:01 advisory. Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrat...

MiracleLinux 3 : libvorbis-1.1.2-3.4.1AXS3 (AXSA:2009-422:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-422:02 advisory. Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrat...

EUVD-2007-3098

Malware in sbrugna...

EUVD-2017-5670

Malware in sbrugna...

EUVD-2020-13199

Malware in sbrugna...

EUVD-2017-2967

Malware in sbrugna...

SUSE CVE-2008-2009

Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service crash via a crafted OGG file that triggers memory corruption during execution of the makedecodetree function...

SUSE CVE-2009-2663

libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted .ogg file...

Xiph.Org libvorbis 'bark_noise_hybridmp' function stack buffer out-of-bounds read vulnerability

Xiph.Org libvorbis is an open source library of audio encoding and decoding functions for medium to high quality audio at fixed or variable bit rates. A stack buffer out-of-bounds read vulnerability exists in the 'barknoisehybridmp' function of the psy.c file in Xiph.Org libvorbis version 1.3.6. ...

Denial Of Service (DoS) Through Out-of-Bounds Write

libvorbis.so is vulnerable to out-of-bounds write. A malicious user can pass a audio file that when processed causes a out-of-bounds write that can lead to arbitrary code execution or to the application crashing...

USN-3604-1 libvorbis vulnerability

Richard Zhu discovered that libvorbis incorrectly handled certain sound files. An attacker could use this to cause libvorbis to crash, resulting in a denial or service, or possibly execute arbitrary code...

MGASA-2018-0084 Updated libvorbis packages fix security vulnerabilities

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbisanalysisheaderout in info.c when vi-channels=0, a similar issue to Mozilla bug 550184 CVE-2017-14632. In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the...

UBUNTU-CVE-2017-14160

The barknoisehybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service out-of-bounds access and application crash or possibly have unspecified other impact via a crafted mp4 file...

DEBIAN-CVE-2017-14632

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbisanalysisheaderout in info.c when vi-channels=0, a similar issue to Mozilla bug 550184...

ALPINE-CVE-2017-14632

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbisanalysisheaderout in info.c when vi-channels=0, a similar issue to Mozilla bug 550184...

DEBIAN-CVE-2017-11333

The vorbisanalysiswrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service OOM via a crafted wav file...

CVE-2017-11333

The vorbisanalysiswrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service OOM via a crafted wav file...

SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1200)

Mozilla Firefox was updated to the 3.0.13 release, fixing some security issues and bugs : - Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open on an invalid URL which looks similar to a legitimate URL and then use document.write to place content within...

CVE-2009-2663

libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted .ogg file...