CVE-2007-4029

Published: 26/07/2007 Updated: 15/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

libvorbis 1.1.2, and possibly other versions prior to 1.2.0, allows context-dependent malicious users to cause a denial of service via (1) an invalid mapping type, which triggers an out-of-bounds read in the vorbis_info_clear function in info.c, and (2) invalid blocksize values that trigger a segmentation fault in the read function in block.c.

Vulnerable Product

libvorbis libvorbis 1.1.2

Vendor Advisories

David Thiel discovered that libvorbis did not correctly verify the size of certain headers, and did not correctly clean up a broken stream. If a user were tricked into processing a specially crafted Vorbis stream, a remote attacker could execute arbitrary code with the user’s privileges ...
Debian Bug report logs - #669196 libvorbisidec: multiple longstanding unfixed security issues in libvorbis; Package: libvorbisidec; Maintainer for libvorbisidec is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Reported by: Michael Gilbert <mgilbert@debian.org>; Date: Wed, 18 Apr 2012 03:21:01 UTC ...
Debian Bug report logs - #437916 CVE-2007-4029 unfixed for stable; Package: libvorbis; Maintainer for libvorbis is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Reported by: Nico Golde <nion@debian.org>; Date: Tue, 14 Aug 2007 19:48:02 UTC; Severity: important; Tags: security; Found in version 112 ...
Several vulnerabilities were found in the Vorbis General Audio Compression Codec, which may lead to denial of service or the execution of arbitrary code, if a user is tricked into opening a malformed Ogg Audio file with an application linked against libvorbis. For the old stable distribution (sarge), these problems have been fixed in version 110- ...