CVSS: 7.5EPSS: 11%CPEs: 14EXPL: 1CVE-2008-1419 – vorbis: zero-dim codebooks can cause crash, infinite loop or heap overflow
https://notcve.org/view.php?id=CVE-2008-1419
16 May 2008 — Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. Xiph.org libvorbis 1.2.0 y versiones anteriores no maneja apropiadamente un valor cero de codebook.dim, lo cual permite a atacantes remotos provocar una denegación de servicio (caída o bucle infinito) o disparar un desbordamiento de entero. Several local (remote) vulnerabilities have been discovered in... • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 5%CPEs: 1EXPL: 0CVE-2007-4065 – Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)
https://notcve.org/view.php?id=CVE-2007-4065
21 Sep 2007 — lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted OGG file, aka trac Changeset 13217. lib/vorbisfile.c en libvorbisfile en Xiph.Org libvorbis anterior a 1.2.0 permite a atacantes dependientes del contexto provocar denegación de servicio (bucle infinito) a través de un archivo OGG, también conocido como trac Changeset 13217. David Thiel of iSEC Partners discovered a heap-based buffer overflow in t... • http://secunia.com/advisories/24923 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-4066 – Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)
https://notcve.org/view.php?id=CVE-2007-4066
21 Sep 2007 — Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array. Múltiples desbordamientos de búfer Xiph.Org libvorbis versiones anteriores a 1.2.0 permiten a atacantes locales o remotos dependientes del contexto provocar una denegación ... • http://secunia.com/advisories/24923 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •