UbuntuUSN-611-2vorbis-tools vulnerability
7.2 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.068 Low
EPSS
Percentile
93.8%
Releases
- Ubuntu 8.04
- Ubuntu 7.10
- Ubuntu 7.04
- Ubuntu 6.06
Packages
- vorbis-tools -
Details
USN-611-1 fixed a vulnerability in Speex. This update provides the
corresponding update for ogg123, part of vorbis-tools.
Original advisory details:
It was discovered that Speex did not properly validate its input when
processing Speex file headers. If a user or automated system were
tricked into opening a specially crafted Speex file, an attacker could
create a denial of service in applications linked against Speex or
possibly execute arbitrary code as the user invoking the program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | vorbis-tools | <Β 1.1.1-15ubuntu0.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | vorbis-tools | <Β 1.1.1-13ubuntu0.1 | UNKNOWN |
| Ubuntu | 7.04 | noarch | vorbis-tools | <Β 1.1.1-6ubuntu0.1 | UNKNOWN |
| Ubuntu | 6.06 | noarch | vorbis-tools | <Β 1.1.1-3ubuntu0.1 | UNKNOWN |
References
Related
7.2 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.068 Low
EPSS
Percentile
93.8%