Lucene search

PRIOn knowledge basePRION:CVE-2008-1419

HistoryMay 16, 2008 - 12:54 p.m.

Integer overflow

2008-05-1612:54:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.7%

JSON

Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.

CPENameOperatorVersion
libvorbiseq1.0.0
libvorbiseq1.0.1
libvorbiseq1.1.0
libvorbiseq1.1.1
libvorbiseq1.2.0
libvorbiseq1.12

Name	Operator	Version
libvorbis	eq	1.0.0
libvorbis	eq	1.0.1
libvorbis	eq	1.1.0
libvorbis	eq	1.1.1
libvorbis	eq	1.2.0
libvorbis	eq	1.12

References

lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html

secunia.com/advisories/30234

secunia.com/advisories/30237

secunia.com/advisories/30247

secunia.com/advisories/30259

secunia.com/advisories/30479

secunia.com/advisories/30581

secunia.com/advisories/30820

secunia.com/advisories/32946

security.gentoo.org/glsa/glsa-200806-09.xml

www.debian.org/security/2008/dsa-1591

www.mandriva.com/security/advisories?name=MDVSA-2008:102

www.redhat.com/support/errata/RHSA-2008-0270.html

www.redhat.com/support/errata/RHSA-2008-0271.html

www.securityfocus.com/bid/29206

www.securitytracker.com/id?1020029

www.ubuntu.com/usn/USN-682-1

www.vupen.com/english/advisories/2008/1510/references

bugzilla.redhat.com/show_bug.cgi?id=440700

exchange.xforce.ibmcloud.com/vulnerabilities/42397

exchange.xforce.ibmcloud.com/vulnerabilities/42400

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10104

www.redhat.com/archives/fedora-package-announce/2008-May/msg00243.html

www.redhat.com/archives/fedora-package-announce/2008-May/msg00247.html

www.redhat.com/archives/fedora-package-announce/2008-May/msg00256.html