Search for packages
| purl | pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1%2Blenny1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-28vq-2q8e-ykcc
Aliases: CVE-2018-10393 |
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. |
Affected by 0 other vulnerabilities. |
|
VCID-6esn-a37s-9yfk
Aliases: CVE-2017-11333 |
security update |
Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-cfj9-8yvv-wbhj
Aliases: CVE-2018-10392 |
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. |
Affected by 0 other vulnerabilities. |
|
VCID-hfum-jn9c-b7a5
Aliases: CVE-2017-14633 |
Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-jcag-bxq7-9qhu
Aliases: CVE-2018-5146 |
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. |
Affected by 7 other vulnerabilities. Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-jwvr-ax6v-nbf4
Aliases: CVE-2012-0444 |
Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution. |
Affected by 7 other vulnerabilities. |
|
VCID-qh9t-8bch-quac
Aliases: CVE-2017-14632 |
Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-sed4-3epn-mfch
Aliases: CVE-2017-14160 |
Affected by 0 other vulnerabilities. |
|
|
VCID-wdyw-kubz-t3dv
Aliases: CVE-2009-2663 |
Mozilla upgraded several third party libraries used in media rendering to address multiple memory safety and stability bugs identified by members of the Mozilla community. Some of the bugs discovered could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer. liboggz, libvorbis, and liboggplay were all upgraded to address these issues.Audio and video capabilities were added in Firefox 3.5 so prior releases of Firefox were not affected. |
Affected by 8 other vulnerabilities. |
|
VCID-xb2c-r22q-dkgc
Aliases: CVE-2009-3379 |
Mozilla upgraded several third party libraries used in media rendering to address multiple memory safety and stability bugs identified by members of the Mozilla community. Some of the bugs discovered could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer. liboggz, libvorbis, and liboggplay were all upgraded to address these issues.Audio and video capabilities were added in Firefox 3.5 so prior releases of Firefox were not affected. |
Affected by 8 other vulnerabilities. |
|
VCID-xwju-wywk-6qbx
Aliases: CVE-2008-2009 |
Affected by 8 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-3hj9-b58e-ckh4 |
CVE-2008-1419
|
|
| VCID-7tsk-4fz7-5uex |
CVE-2008-1420
|
|
| VCID-8puv-bmxh-a7d5 | Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029) |
CVE-2007-4065
|
| VCID-amvs-eaha-wfgj |
CVE-2007-3106
|
|
| VCID-ax5p-runb-3ba4 |
CVE-2008-1423
|
|
| VCID-gmrh-s795-8feh | Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029) |
CVE-2007-4066
|
| VCID-qvmd-t5nf-dkb5 |
CVE-2007-4029
|