738 matches found
RHEL 5 : libvorbis (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libvorbis: heap buffer overflow in mapping0forward function CVE-2018-10392 - The vorbisanalysiswrote...
RHEL 6 : libvorbis (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libvorbis: heap buffer overflow in mapping0forward function CVE-2018-10392 - The vorbisanalysiswrote...
RHEL 7 : libvorbis (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libvorbis: heap buffer overflow in mapping0forward function CVE-2018-10392 - The vorbisanalysiswrote...
RHEL 5 : libvorbis (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libvorbis: heap buffer overflow in mapping0forward function CVE-2018-10392 - The vorbisanalysiswrote...
RHEL 7 : libvorbis (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libvorbis: heap buffer overflow in mapping0forward function CVE-2018-10392 - The vorbisanalysiswrote...
RHEL 6 : libvorbis (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libvorbis: heap buffer overflow in mapping0forward function CVE-2018-10392 - The vorbisanalysiswrote...
Rocky Linux 8 : libvorbis (RLSA-2019:3703)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:3703 advisory. - mapping0forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of...
CVE-2018-10392 affecting package libvorbis for versions less than 1.3.7-1
CVE-2018-10392 affecting package libvorbis for versions less than 1.3.7-1. An upgraded version of the package is available that resolves this issue...
CVE-2018-10393 affecting package libvorbis for versions less than 1.3.7-1
CVE-2018-10393 affecting package libvorbis for versions less than 1.3.7-1. An upgraded version of the package is available that resolves this issue...
Oracle Linux 8 : libvorbis (ELSA-2019-3703)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3703 advisory. 1.3.6-2 - Sync with git for CVE-2017-14160, CVE-2018-10392, CVE-2018-10393 Tenable has extracted the preceding description block directly from the Orac...
SUSE CVE-2007-3106
lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid 1 blocksize0 and 2 blocksize1 values, which trigger a "heap overwrite" in the 01inverse function in res0.c. NOTE...
SUSE CVE-2007-4029
libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service via 1 an invalid mapping type, which triggers an out-of-bounds read in the vorbisinfoclear function in info.c, and 2 invalid blocksize values that trigger a segmentation faul...
SUSE CVE-2007-4066
Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.ex...
SUSE CVE-2008-1420
Integer overflow in residue partition value aka partvals evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow...
SUSE CVE-2008-1419
Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service crash or infinite loop or trigger an integer overflow...
SUSE CVE-2008-2009
Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service crash via a crafted OGG file that triggers memory corruption during execution of the makedecodetree function...
SUSE CVE-2009-2663
libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted .ogg file...
SUSE CVE-2009-3379
Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663...
SUSE CVE-2017-11333
The vorbisanalysiswrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service OOM via a crafted wav file...
SUSE CVE-2017-14160
The barknoisehybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service out-of-bounds access and application crash or possibly have unspecified other impact via a crafted mp4 file...