Lucene search
Ubuntu.comUB:CVE-2008-1420HistoryMay 16, 2008 - 12:00 a.m.
CVE-2008-1420
2008-05-1600:00:00
ubuntu.com
ubuntu.com
11
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.042 Low
EPSS
Percentile
92.1%
Integer overflow in residue partition value (aka partvals) evaluation in
Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute
arbitrary code via a crafted OGG file, which triggers a heap overflow.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | Regression #1: https://trac.xiph.org/ticket/1456 fixes: https://trac.xiph.org/changeset/15532 fixes: https://trac.xiph.org/changeset/15533 Regression #2: https://trac.xiph.org/ticket/1572 fixes: https://trac.xiph.org/changeset/16327 fixes: https://trac.xiph.org/changeset/16552 |
Related
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:23:05
debiancve
debiancve
CVE-2008-1420
2008-05-16 12:54:00
cve
cve
CVE-2008-1420
2008-05-16 12:54:00
prion
prion
Integer overflow
2008-05-16 12:54:00
openvas
openvas
Ubuntu USN-825-1 (libvorbis)
2009-09-02 00:00:00
Ubuntu: Security Advisory (USN-825-1)
2009-09-02 00:00:00
FreeBSD Ports: libvorbis
2008-09-04 00:00:00
nessus
nessus
FreeBSD : libvorbis -- multiple vulnerabilities (94edff42-d93d-11de-a434-0211d880e350)
2009-11-25 00:00:00
Ubuntu 8.04 LTS / 8.10 / 9.04 : libvorbis vulnerability (USN-825-1)
2009-08-25 00:00:00
SuSE9 Security Update : libvorbis (YOU Patch Number 12159)
2009-09-24 00:00:00
securityvulns
securityvulns
[USN-825-1] libvorbis vulnerability
2009-08-25 00:00:00
[SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities
2008-06-04 00:00:00
libvorbis multiple security vulnerabilities
2009-08-25 00:00:00
freebsd
freebsd
libvorbis -- multiple vulnerabilities
2009-11-24 00:00:00
libvorbis -- various security issues
2008-05-14 00:00:00
libtremor -- multiple vulnerabilities
2008-03-19 00:00:00
ubuntu
ubuntu
libvorbis vulnerability
2009-08-24 00:00:00
libvorbis vulnerabilities
2008-12-01 00:00:00
ubuntucve
ubuntucve
CVE-2009-3379
2009-10-29 00:00:00
seebug
seebug
libvorbisε€δΈͺηΌε²εΊζΊ’εΊζΌζ΄
2008-05-17 00:00:00
osv
osv
libvorbis - several vulnerabilities
2008-06-03 00:00:00
redhat
redhat
(RHSA-2008:0270) Important: libvorbis security update
2008-05-14 00:00:00
(RHSA-2008:0271) Important: libvorbis security update
2008-05-14 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: libvorbis-1.2.0-2.fc8
2008-05-14 22:08:15
[SECURITY] Fedora 9 Update: libvorbis-1.2.0-4.fc9
2008-05-14 22:10:23
[SECURITY] Fedora 7 Update: libvorbis-1.1.2-4.fc7
2008-05-14 22:08:55
centos
centos
libvorbis security update
2008-05-14 12:52:45
libvorbis security update
2008-05-16 03:59:20
oraclelinux
oraclelinux
libvorbis security update
2008-05-14 00:00:00
gentoo
gentoo
libvorbis: Multiple vulnerabilities
2008-06-23 00:00:00
debian
debian
[SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities
2008-06-03 09:27:35
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.042 Low
EPSS
Percentile
92.1%
Related for UB:CVE-2008-1420