Lucene search
Ubuntu.comUB:CVE-2008-2009HistoryMay 16, 2008 - 12:00 a.m.
CVE-2008-2009
2008-05-1600:00:00
ubuntu.com
ubuntu.com
9
0.031 Low
EPSS
Percentile
91.0%
Xiph.org libvorbis before 1.0 does not properly check for underpopulated
Huffman trees, which allows remote attackers to cause a denial of service
(crash) via a crafted OGG file that triggers memory corruption during
execution of the _make_decode_tree function.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482039>
- <https://bugzilla.redhat.com/show_bug.cgi?id=444443>
Notes
| Author | Note |
|---|---|
| mdeslaur | description is misleading, part of the patch applies to recent versions. |
Related
cve
cve
CVE-2008-2009
2008-05-16 12:54:00
debiancve
debiancve
CVE-2008-2009
2008-05-16 12:54:00
cvelist
cvelist
CVE-2008-2009
2008-05-16 06:54:00
prion
prion
Memory corruption
2008-05-16 12:54:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:23:05
openvas
openvas
Ubuntu: Security Advisory (USN-861-1)
2009-12-03 00:00:00
Ubuntu USN-861-1 (libvorbis)
2009-12-03 00:00:00
RedHat Update for libvorbis RHSA-2008:0271-01
2009-03-06 00:00:00
securityvulns
securityvulns
libvorbis library multiple security vulnerabilities
2009-11-25 00:00:00
[USN-861-1] libvorbis vulnerabilities
2009-11-25 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : libvorbis vulnerabilities (USN-861-1)
2009-11-25 00:00:00
RHEL 2.1 : libvorbis (RHSA-2008:0271)
2008-05-16 00:00:00
ubuntu
ubuntu
libvorbis vulnerabilities
2009-11-24 00:00:00
redhat
redhat
(RHSA-2008:0271) Important: libvorbis security update
2008-05-14 00:00:00
centos
centos
libvorbis security update
2008-05-16 03:59:20
freebsd
freebsd
libtremor -- multiple vulnerabilities
2008-03-19 00:00:00