Xiph.org libvorbis 1.0 Release Candidate 2

CPE Details

Xiph.org libvorbis 1.0 Release Candidate 2
xiph.org
libvorbis
1.0
2019-10-17
13h05 +00:00
2019-10-17
13h05 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:xiph.org:libvorbis:1.0:rc2:*:*:*:*:*:*

Informations

Vendor

xiph.org

Product

libvorbis

Version

1.0

Update

rc2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2008-2009 2008-05-16 04h54 +00:00 Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.
4.3
CVE-2007-4065 2007-09-21 16h00 +00:00 lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted OGG file, aka trac Changeset 13217.
4.3
CVE-2007-4066 2007-09-21 16h00 +00:00 Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array.
4.3