Xiph.org libvorbis 1.2.0 and previous versions does not properly handle a zero value for codebook.dim, which allows remote malicious users to cause a denial of service (crash or infinite loop) or trigger an integer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xiph.org libvorbis 1.1.0 |
||
xiph.org libvorbis 1.1.1 |
||
xiph.org libvorbis 1.0.0 |
||
xiph.org libvorbis 1.0.1 |
||
xiph.org libvorbis 1.12 |
||
xiph.org libvorbis 1.2.0 |