7 results (0.024 seconds)

CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0

Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. Desbordamiento de entero en ciertos cálculos quantvals y quantlist de Xiph.org libvorbis 1.2.0 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código de su elección a través de ficheros OGG manipulados con un espacio virtual largo de su codebook, lo cual dispara un desbordamiento heap. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.debian.org/security/2008/dsa-1591 http://www.mandri • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •

CVSS: 6.8EPSS: 10%CPEs: 14EXPL: 0

Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. Desbordamiento de entero en la evaluación de valores en la partición de residuos (también conocido como partvals) en Xiph.org libvorbis 1.2.0 y versiones anteriores permite a atacantes remotos ejecutar código de su elección a través de ficheros OGG manipulados, lo cual dispara un desbordamiento heap. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://secunia.com/advisories/36463 http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.debian.org/security • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •

CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 1

Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. Xiph.org libvorbis 1.2.0 y versiones anteriores no maneja apropiadamente un valor cero de codebook.dim, lo cual permite a atacantes remotos provocar una denegación de servicio (caída o bucle infinito) o disparar un desbordamiento de entero. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.debian.org/security/2008/dsa-1591 http://www.mandri • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 4.3EPSS: 2%CPEs: 1EXPL: 0

Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array. Múltiples desbordamientos de búfer Xiph.Org libvorbis versiones anteriores a 1.2.0 permiten a atacantes locales o remotos dependientes del contexto provocar una denegación de servicio o tener otro impacto no especificado mediante un fichero OGG manipulado, también conocido como trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, y 13215, como se demuestra con un desbordamiento en oggenc.exe relativo al array _psy_noiseguards_8. • http://secunia.com/advisories/24923 http://secunia.com/advisories/26865 http://secunia.com/advisories/27099 http://secunia.com/advisories/27170 http://secunia.com/advisories/27439 http://secunia.com/advisories/28614 http://security.gentoo.org/glsa/glsa-200710-03.xml http://securitytracker.com/id?1018712 http://svn.xiph.org/trunk/vorbis/CHANGES http://www.debian.org/security/2008/dsa-1471 http://www.mandriva.com/security/advisories?name=MDKSA-2007:194 http://www.novell& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 2%CPEs: 1EXPL: 0

lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted OGG file, aka trac Changeset 13217. lib/vorbisfile.c en libvorbisfile en Xiph.Org libvorbis anterior a 1.2.0 permite a atacantes dependientes del contexto provocar denegación de servicio (bucle infinito) a través de un archivo OGG, también conocido como trac Changeset 13217. • http://secunia.com/advisories/24923 http://secunia.com/advisories/26865 http://secunia.com/advisories/27099 http://secunia.com/advisories/27170 http://secunia.com/advisories/27439 http://security.gentoo.org/glsa/glsa-200710-03.xml http://securitytracker.com/id?1018712 http://svn.xiph.org/trunk/vorbis/CHANGES http://www.mandriva.com/security/advisories?name=MDKSA-2007:194 http://www.novell.com/linux/security/advisories/2007_23_sr.html http://www.redhat.com/support/errata •