Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-4066HistorySep 21, 2007 - 7:17 p.m.
CVE-2007-4066
2007-09-2119:17:00
Debian Security Bug Tracker
security-tracker.debian.org
8
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.015 Low
EPSS
Percentile
86.8%
Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libvorbis | < 1.2.0.dfsg-1 | libvorbis_1.2.0.dfsg-1_all.deb |
| Debian | 11 | all | libvorbis | < 1.2.0.dfsg-1 | libvorbis_1.2.0.dfsg-1_all.deb |
| Debian | 999 | all | libvorbis | < 1.2.0.dfsg-1 | libvorbis_1.2.0.dfsg-1_all.deb |
| Debian | 13 | all | libvorbis | < 1.2.0.dfsg-1 | libvorbis_1.2.0.dfsg-1_all.deb |
| Debian | 12 | all | libvorbisidec | < 1.0.2+svn16259-2 | libvorbisidec_1.0.2+svn16259-2_all.deb |
| Debian | 11 | all | libvorbisidec | < 1.0.2+svn16259-2 | libvorbisidec_1.0.2+svn16259-2_all.deb |
| Debian | 999 | all | libvorbisidec | < 1.0.2+svn16259-2 | libvorbisidec_1.0.2+svn16259-2_all.deb |
| Debian | 13 | all | libvorbisidec | < 1.0.2+svn16259-2 | libvorbisidec_1.0.2+svn16259-2_all.deb |
Related
prion
prion
Buffer overflow
2007-09-21 19:17:00
ubuntucve
ubuntucve
CVE-2007-4066
2007-09-21 00:00:00
cve
cve
CVE-2007-4066
2007-09-21 19:17:00
cvelist
cvelist
CVE-2007-4066
2007-09-21 18:00:00
nvd
nvd
CVE-2007-4066
2007-09-21 19:17:00
openvas
openvas
Mandriva Update for libvorbis MDKSA-2007:194 (libvorbis)
2009-04-09 00:00:00
Mandriva Update for libvorbis MDKSA-2007:194 (libvorbis)
2009-04-09 00:00:00
SLES10: Security update for libvorbis
2009-10-13 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : libvorbis (MDKSA-2007:194)
2007-10-17 00:00:00
Debian DSA-1471-1 : libvorbis - several vulnerabilities
2008-01-27 00:00:00
SuSE9 Security Update : libvorbis (YOU Patch Number 11932)
2009-09-24 00:00:00
debian
debian
[SECURITY] [DSA 1471-1] New libvorbis packages fix several vulnerabilities
2008-01-21 18:06:25
fedora
fedora
[SECURITY] Fedora 7 Update: libvorbis-1.1.2-3.fc7
2007-08-24 05:38:37
redhat
redhat
(RHSA-2007:0912) Important: libvorbis security update
2007-10-11 00:00:00
(RHSA-2007:0845) Important: libvorbis security update
2007-09-19 00:00:00
oraclelinux
oraclelinux
Important:libvorbis security update
2007-09-19 00:00:00
centos
centos
libvorbis security update
2007-10-15 02:00:31
libvorbis security update
2007-09-19 17:46:48
gentoo
gentoo
libvorbis: Multiple vulnerabilities
2007-10-07 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.015 Low
EPSS
Percentile
86.8%
Related for DEBIANCVE:CVE-2007-4066