CVE-2007-4065

Related Files

Mandriva Linux Security Advisory 2007.194

Posted Oct 12, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - More vulnerabilities in libvorbis were found that could be used to cause an application linked to libvorbis to crash or execute arbitrary code if used to open a carefully crafted OGG file.

tags | advisory, arbitrary, vulnerability

systems | linux, mandriva

advisories | CVE-2007-4065, CVE-2007-4066

SHA-256 | d7380cf6430a020b77f7e130e7f0b38e846a7bb33fa53fba4dacc21fabd6d281

Download | Favorite | View

Gentoo Linux Security Advisory 200710-3

Posted Oct 9, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-03 - David Thiel of iSEC Partners discovered a heap-based buffer overflow in the _01inverse() function in res0.c and a boundary checking error in the vorbis_info_clear() function in info.c. libvorbis is also prone to several Denial of Service vulnerabilities in form of infinite loops and invalid memory access with unknown impact. Versions less than 1.2.0 are affected.

tags | advisory, denial of service, overflow, vulnerability

systems | linux, gentoo

advisories | CVE-2007-3106, CVE-2007-4029, CVE-2007-4065, CVE-2007-4066

SHA-256 | 7a907b2348ce906142b3aba0da5822b07995f88558fb4c797503d30416a2a1e2

Download | Favorite | View