Xiph.org libvorbis prior to 1.0 does not properly check for underpopulated Huffman trees, which allows remote malicious users to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xiph.org libvorbis 1.0 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 8.10 |
||
canonical ubuntu linux 9.04 |
||
canonical ubuntu linux 9.10 |