CVE-2008-1423

Published: 16/05/2008 Updated: 29/09/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and previous versions allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow.

Vulnerable Product

xiph.org libvorbis 1.0.0

xiph.org libvorbis 1.1.1

xiph.org libvorbis 1.1.2

xiph.org libvorbis 1.2.0

xiph.org libvorbis 1.0.1

xiph.org libvorbis 1.1.0

Vendor Advisories

It was discovered that libvorbis did not correctly handle certain malformed sound files. If a user were tricked into opening a specially crafted sound file with an application that uses libvorbis, an attacker could execute arbitrary code with the user’s privileges ...
Debian Bug report logs - #669196 libvorbisidec: multiple longstanding unfixed security issues in libvorbis Package: libvorbisidec; Maintainer for libvorbisidec is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Reported by: Michael Gilbert <mgilbert@debian.org> Date: Wed, 18 Apr 2012 03:21:01 UTC ...
Debian Bug report logs - #482518 libvorbis0a: possible integer overflows and DoS attacks Package: libvorbis0a; Maintainer for libvorbis0a is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Source for libvorbis0a is src:libvorbis (PTS, buildd, popcon) Reported by: Steffen Joeris <steffenjoeris@skolelin ...
Several local (remote) vulnerabilities have been discovered in libvorbis, a library for the Vorbis general-purpose compressed audio codec. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-1419 libvorbis does not properly handle a zero value which allows remote attackers to cause a denial of servi ...