Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-2009HistoryMay 16, 2008 - 12:54 p.m.
CVE-2008-2009
2008-05-1612:54:00
Debian Security Bug Tracker
security-tracker.debian.org
9
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.033 Low
EPSS
Percentile
91.3%
Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libvorbis | < 1.2.0.dfsg-4 | libvorbis_1.2.0.dfsg-4_all.deb |
| Debian | 11 | all | libvorbis | < 1.2.0.dfsg-4 | libvorbis_1.2.0.dfsg-4_all.deb |
| Debian | 999 | all | libvorbis | < 1.2.0.dfsg-4 | libvorbis_1.2.0.dfsg-4_all.deb |
| Debian | 13 | all | libvorbis | < 1.2.0.dfsg-4 | libvorbis_1.2.0.dfsg-4_all.deb |
| Debian | 12 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 11 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 999 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
| Debian | 13 | all | libvorbisidec | < 1.0.2+svn18153-0.1 | libvorbisidec_1.0.2+svn18153-0.1_all.deb |
Related
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:23:05
prion
prion
Memory corruption
2008-05-16 12:54:00
nvd
nvd
CVE-2008-2009
2008-05-16 12:54:00
cvelist
cvelist
CVE-2008-2009
2008-05-16 06:54:00
cve
cve
CVE-2008-2009
2008-05-16 12:54:00
ubuntucve
ubuntucve
CVE-2008-2009
2008-05-16 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : libvorbis vulnerabilities (USN-861-1)
2009-11-25 00:00:00
RHEL 2.1 : libvorbis (RHSA-2008:0271)
2008-05-16 00:00:00
openvas
openvas
Ubuntu USN-861-1 (libvorbis)
2009-12-03 00:00:00
Ubuntu: Security Advisory (USN-861-1)
2009-12-03 00:00:00
RedHat Update for libvorbis RHSA-2008:0271-01
2009-03-06 00:00:00
ubuntu
ubuntu
libvorbis vulnerabilities
2009-11-24 00:00:00
securityvulns
securityvulns
[USN-861-1] libvorbis vulnerabilities
2009-11-25 00:00:00
libvorbis library multiple security vulnerabilities
2009-11-25 00:00:00
centos
centos
libvorbis security update
2008-05-16 03:59:20
redhat
redhat
(RHSA-2008:0271) Important: libvorbis security update
2008-05-14 00:00:00
freebsd
freebsd
libtremor -- multiple vulnerabilities
2008-03-19 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.033 Low
EPSS
Percentile
91.3%
Related for DEBIANCVE:CVE-2008-2009