CVE-2007-4066

Related Files

Debian Linux Security Advisory 1471-1

Posted Jan 22, 2008

Authored by Debian | Site debian.org

Debian Security Advisory 1471-1 - Several vulnerabilities were found in the the Vorbis General Audio Compression Codec, which may lead to denial of service or the execution of arbitrary code, if a user is tricked into opening to a malformed Ogg Audio file with an application linked against libvorbis.

tags | advisory, denial of service, arbitrary, vulnerability

systems | linux, debian

advisories | CVE-2007-3106, CVE-2007-4029, CVE-2007-4066

SHA-256 | 9455ad4d2904120aeca597a63392dffd98808448e770f76c76d0d82299d81a38

Download | Favorite | View

Mandriva Linux Security Advisory 2007.194

Posted Oct 12, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - More vulnerabilities in libvorbis were found that could be used to cause an application linked to libvorbis to crash or execute arbitrary code if used to open a carefully crafted OGG file.

tags | advisory, arbitrary, vulnerability

systems | linux, mandriva

advisories | CVE-2007-4065, CVE-2007-4066

SHA-256 | d7380cf6430a020b77f7e130e7f0b38e846a7bb33fa53fba4dacc21fabd6d281

Download | Favorite | View

Gentoo Linux Security Advisory 200710-3

Posted Oct 9, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-03 - David Thiel of iSEC Partners discovered a heap-based buffer overflow in the _01inverse() function in res0.c and a boundary checking error in the vorbis_info_clear() function in info.c. libvorbis is also prone to several Denial of Service vulnerabilities in form of infinite loops and invalid memory access with unknown impact. Versions less than 1.2.0 are affected.

tags | advisory, denial of service, overflow, vulnerability

systems | linux, gentoo

advisories | CVE-2007-3106, CVE-2007-4029, CVE-2007-4065, CVE-2007-4066

SHA-256 | 7a907b2348ce906142b3aba0da5822b07995f88558fb4c797503d30416a2a1e2

Download | Favorite | View