CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 1CVE-2018-10392 – libvorbis: heap buffer overflow in mapping0_forward function
https://notcve.org/view.php?id=CVE-2018-10392
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. mapping0_forward en mapping0.c en Xiph.Org libvorbis 1.3.6 no valida el número de canales, lo que permite que atacantes remotos provoquen una denegación de servicio (desbordamiento o sobrelectura de búfer basada en memoria dinámica o heap) o provocar cualquier otro tipo de problema mediante un archivo manipulado. A heap-based buffer overflow was found in the encoder functionality of the libvorbis library. An attacker could create a malicious file to cause a denial of service, crashing the application containing the library. • https://access.redhat.com/errata/RHSA-2019:3703 https://gitlab.xiph.org/xiph/vorbis/issues/2335 https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html https://security.gentoo.org/glsa/202003-36 https://access.redhat.com/security/cve/CVE-2018-10392 https://bugzilla.redhat.com/show_bug.cgi?id=1574193 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2018-10393 – libvorbis: stack buffer overflow in bark_noise_hybridmp function
https://notcve.org/view.php?id=CVE-2018-10393
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. bark_noise_hybridmp en psy.c en Xiph.Org libvorbis 1.3.6 tiene una sobrelectura de búfer basada en pila. A stack-based buffer overflow was found in the encoder functionality of the libvorbis library. An attacker could create a malicious file to cause a denial of service, crashing the application containing the library. • https://access.redhat.com/errata/RHSA-2019:3703 https://gitlab.xiph.org/xiph/vorbis/issues/2334 https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html https://security.gentoo.org/glsa/202003-36 https://access.redhat.com/security/cve/CVE-2018-10393 https://bugzilla.redhat.com/show_bug.cgi?id=1574194 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 10%CPEs: 14EXPL: 0CVE-2008-1420 – vorbis: integer overflow in partvals computation
https://notcve.org/view.php?id=CVE-2008-1420
Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. Desbordamiento de entero en la evaluación de valores en la partición de residuos (también conocido como partvals) en Xiph.org libvorbis 1.2.0 y versiones anteriores permite a atacantes remotos ejecutar código de su elección a través de ficheros OGG manipulados, lo cual dispara un desbordamiento heap. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://secunia.com/advisories/36463 http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.debian.org/security • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 1CVE-2008-1419 – vorbis: zero-dim codebooks can cause crash, infinite loop or heap overflow
https://notcve.org/view.php?id=CVE-2008-1419
Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. Xiph.org libvorbis 1.2.0 y versiones anteriores no maneja apropiadamente un valor cero de codebook.dim, lo cual permite a atacantes remotos provocar una denegación de servicio (caída o bucle infinito) o disparar un desbordamiento de entero. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.debian.org/security/2008/dsa-1591 http://www.mandri • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •