CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
92.2%
Software: vorbis-tools 1.4.0
OS: Cobalt 7.9
CVE-ID: CVE-2014-9638
CVE-Crit: MEDIUM
CVE-DESC: oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (division-by-zero error and crash) via a WAV file with the number of channels set to zero.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2014-9639
CVE-Crit: MEDIUM
CVE-DESC: Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (failure) through the created number of channels in a WAV file, causing out-of-memory access.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2014-9640
CVE-Crit: MEDIUM
CVE-DESC: oggenc / oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (read out of range) via a crafted raw file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2015-6749
CVE-Crit: CRITICAL
CVE-DESC: Buffer overflow in aiff_open function in oggenc / audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a generated AIFF file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-11331
CVE-Crit: MEDIUM
CVE-DESC: The wav_open function in oggenc / audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.
CVE-STATUS: default
CVE-REV: default
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
92.2%