5 results (0.006 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file. La función wav_open en el archivo oggenc/audio.c en Xiph.Org vorbis-tools versión 1.4.0, permite a los atacantes remotos causar una denegación de servicio (error de asignación de memoria) por medio de un archivo wav creado. • https://www.exploit-db.com/exploits/42397 http://seclists.org/fulldisclosure/2017/Jul/80 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 2%CPEs: 1EXPL: 1

Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file. Vulnerabilidad de desbordamiento de buffer en la función aiff_open en oggenc/audio.c en vorbis-tools 1.4.0 y versiones anteriores, permite a atacantes remotos causar una denegación de servicio (caída) a través de un archivo AIFF manipulado. • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165555.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166424.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00013.html http://seclists.org/oss-sec/2015/q3/455 http://seclists.org/oss-sec/2015/q3/457 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797461 https://bugzilla.redhat.com/show_bug.cgi?id=1258424 https://bugzilla.redhat.com/show_bug.cgi?id=1258443 https:/& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 0

oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file. oggenc/oggenc.c en vorbis-tools 1.4.0 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de un fichero raw manipulado. • http://advisories.mageia.org/MGASA-2015-0051.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:037 http://www.openwall.com/lists/oss-security/2015/01/21/6 http://www.openwall.com/lists/oss-security/2015/01/22/9 https://trac.xiph.org/changeset/19117 https://trac.xiph.org/ticket/2009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 4%CPEs: 5EXPL: 1

oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero. oggenc en vorbis-tools 1.4.0 permite a atacantes remotos causar una denegación de servicio (error de la división por cero y caída) a través de un fichero WAV con el número de canales configurado en cero. • http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html http://seclists.org/fulldisclosure/2015/Jan/78 http://www.openwall.com/lists/oss-security/2015/01/21/5 http://www.openwall.com/lists/oss-security/2015/01/22/9 http://www.securityfocus.com/bid/72290 https://trac.xiph.org/ticket/2137 •

CVSS: 5.0EPSS: 4%CPEs: 5EXPL: 1

Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access. Desbordamiento de enteros en oggenc en vorbis-tools 1.4.0 permite a atacantes remotos causar una denegación de servicio (caída) a través de un número manipulado de canales en un fichero WAV, lo que provoca un acceso a memoria fuera de rango. • http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html http://seclists.org/fulldisclosure/2015/Jan/78 http://www.openwall.com/lists/oss-security/2015/01/21/5 http://www.openwall.com/lists/oss-security/2015/01/22/9 http://www.securityfocus.com/bid/72295 https://trac.xiph.org/ticket/2136 •