Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-14632

Опубликовано: 21 сент. 2017
Источник: debian

Описание

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libvorbisfixed1.3.5-4.1package
libvorbisnot-affectedjessiepackage
libvorbisnot-affectedwheezypackage

Примечания

  • https://gitlab.xiph.org/xiph/vorbis/issues/2328

  • https://github.com/xiph/vorbis/issues/29

  • https://github.com/xiph/vorbis/pull/34

Связанные уязвимости

ubuntu логотип

CVE-2017-14632

CVSS3: 9.8
ubuntu
больше 8 лет назад

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.

redhat логотип

CVE-2017-14632

CVSS3: 3.3
redhat
больше 8 лет назад

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.

nvd логотип

CVE-2017-14632

CVSS3: 9.8
nvd
больше 8 лет назад

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.

github логотип

GHSA-pmfq-f4h4-9pwp

CVSS3: 9.8
github
больше 3 лет назад

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.

suse-cvrf логотип

openSUSE-SU-2018:0047-1

suse-cvrf
около 8 лет назад

Security update for libvorbis