Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-mddv-hvgp-u3aa
Vulnerability ID VCID-mddv-hvgp-u3aa
Aliases CVE-2008-1423
Summary Multiple vulnerabilities in libvorbis might lead to the execution of arbitrary code.
Status Published
Exploitability 0.5
Weighted Severity 0.1
Risk 0.1
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-190 Integer Overflow or Wraparound
CWE-122 Heap-based Buffer Overflow
System Score Found at
epss 0.10744 https://api.first.org/data/v1/epss?cve=CVE-2008-1423
epss 0.10744 https://api.first.org/data/v1/epss?cve=CVE-2008-1423
epss 0.10744 https://api.first.org/data/v1/epss?cve=CVE-2008-1423
epss 0.10744 https://api.first.org/data/v1/epss?cve=CVE-2008-1423
epss 0.10744 https://api.first.org/data/v1/epss?cve=CVE-2008-1423
epss 0.10744 https://api.first.org/data/v1/epss?cve=CVE-2008-1423
epss 0.10744 https://api.first.org/data/v1/epss?cve=CVE-2008-1423
epss 0.10744 https://api.first.org/data/v1/epss?cve=CVE-2008-1423
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1423.json
https://api.first.org/data/v1/epss?cve=CVE-2008-1423
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423
440709 https://bugzilla.redhat.com/show_bug.cgi?id=440709
482518 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518
669196 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
GLSA-200806-09 https://security.gentoo.org/glsa/200806-09
RHSA-2008:0270 https://access.redhat.com/errata/RHSA-2008:0270
RHSA-2008:0271 https://access.redhat.com/errata/RHSA-2008:0271
USN-682-1 https://usn.ubuntu.com/682-1/
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.93303
EPSS Score 0.10744
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:11:50.059351+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/200806-09 38.0.0