2 matches found
CVE-2023-47212
A heap-based buffer overflow vulnerability exists in the comment functionality of stb vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2023-47212
CVE-2023-47212 affects stb_vorbis.c v1.22. A heap-based buffer overflow via the comment handling in stb_vorbis can occur with a crafted .ogg file. The root cause is an integer overflow in sizeof(char*) * (f->comment_list_length) in start_decoder, leading to under-allocation of memory and an ou...