Lucene search

Vorbis-Tools Security Vulnerabilities

cve

CVE-2014-9638

oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.

6.3AI Score

0.04EPSS

2015-01-23 03:59 PM

cve

CVE-2014-9639

Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.

6.5AI Score

0.04EPSS

2015-01-23 03:59 PM

cve

CVE-2014-9640

oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

6.2AI Score

0.029EPSS

2015-01-23 03:59 PM

cve

CVE-2015-6749

Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.

6.5AI Score

0.024EPSS

2015-09-21 07:59 PM

cve

CVE-2017-11331

The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.

5.5CVSS

5.1AI Score

0.002EPSS

2017-07-31 01:29 PM

cve

CVE-2023-43361

Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.

7.8CVSS

7.7AI Score

0.001EPSS

2023-10-02 09:15 PM