Libvorbis@1.3.5 Security Vulnerabilities and Issues — Libvorbis@1.3.5 CVE List

Lucene search

Xiph.orgLibvorbis1.3.5

4 matches found

CVE•added 2017/07/31 1:29 p.m.•216 views

CVE-2017-11333

The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file.

5.5CVSS6.1AI score0.01188EPSS

CVE•added 2017/09/21 7:29 a.m.•197 views

CVE-2017-14633

In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis().

6.5CVSS7.3AI score0.01001EPSS

CVE•added 2017/09/21 7:29 a.m.•170 views

CVE-2017-14632

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels

9.8CVSS9.5AI score0.06507EPSS

CVE•added 2017/09/21 2:29 p.m.•106 views

CVE-2017-14160

The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file.

8.8CVSS8.7AI score0.01543EPSS