Lookup for vulnerable packages by Package URL.
| Purl | pkg:deb/debian/libtheora@1.1.1%2Bdfsg.1-3 |
| Type | deb |
| Namespace | debian |
| Name | libtheora |
| Version | 1.1.1+dfsg.1-3 |
| Qualifiers | |
| Subpath | |
| Is_vulnerable | false |
| Next_non_vulnerable_version | null |
| Latest_non_vulnerable_version | null |
| Affected_by_vulnerabilities | |
| Fixing_vulnerabilities |
| 0 |
| url |
VCID-v1gt-2387-67dw |
| vulnerability_id |
VCID-v1gt-2387-67dw |
| summary |
Security researcher Dan Kaminsky reported an
integer overflow in the Theora video library. A video's dimensions
were being multiplied together and used in particular memory
allocations. When the video dimensions were sufficiently large, the
multiplication could overflow a 32-bit integer resulting in too small
a memory buffer being allocated for the video. An attacker could use
a specially crafted video to write data past the bounds of this
buffer, causing a crash and potentially running arbitrary code on a
victim's computer. Mozilla intern David Keeler also independently
reported this issue as well as an additional crash which was
determined to be a denial-of-service. Video capabilities were added to the Mozilla browser engine
in Firefox 3.5, SeaMonkey 2.0, and Thunderbird 3.0; prior releases of these
products were not affected. These bugs were fixed upstream in Theora version 1.1
("Thusnelda") but the older version used in Firefox 3.5 needed this
patch. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2009-3389
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v1gt-2387-67dw |
|
|
| Risk_score | null |
| Resource_url | http://public2.vulnerablecode.io/packages/pkg:deb/debian/libtheora@1.1.1%252Bdfsg.1-3 |