CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 0CVE-2007-4029 – Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)
https://notcve.org/view.php?id=CVE-2007-4029
26 Jul 2007 — libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service via (1) an invalid mapping type, which triggers an out-of-bounds read in the vorbis_info_clear function in info.c, and (2) invalid blocksize values that trigger a segmentation fault in the read function in block.c. libvorbis 1.1.2, y posiblemente otras versiones anteriores a 1.2.0, permite a atacantes dependientes del contexto provocar denegación de servicio a travñes de (1) un tipo de ... • http://secunia.com/advisories/24923 •
CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 0CVE-2007-3106 – libvorbis array boundary condition
https://notcve.org/view.php?id=CVE-2007-3106
26 Jul 2007 — lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_0 and (2) blocksize_1 values, which trigger a "heap overwrite" in the _01inverse function in res0.c. NOTE: this issue has been RECAST so that CVE-2007-4029 handles additional vectors. En la biblioteca lib/info.c en libvorbis versión 1.1.2, y posiblemente otras versiones anteriores a 1.2.0, permite a los atacante... • http://secunia.com/advisories/24923 • CWE-399: Resource Management Errors •