2 matches found
CVE-2014-0045
CVE-2014-0045 affects Mumble: in needSamples, the code path via opus_decode_float does not check the return value, allowing a crafted Opus voice packet to trigger a heap-based buffer over-read/over-write and a crash, potentially enabling arbitrary code execution. Affected: Mumble 1.2.4 and the 1....
CVE-2014-1916
The CVE-2014-1916 entry concerns MumbleKit (before commit fd190328a9b24d37382b269a5674b0c0c7a7e36d) and Mumble for iOS (versions 1.1–1.2.2). The vulnerability lies in the client code where opus_packet_get_nb_frames and opus_packet_get_samples_per_frame do not properly validate the return value of...