|
|
Log in / Subscribe / Register

vorbis-tools: denial of service

Package(s):vorbis-tools CVE #(s):CVE-2014-9638 CVE-2014-9639
Created:March 2, 2015 Updated:March 18, 2015
Description: From the CVE entries:

oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero. (CVE-2014-9638)

Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access. (CVE-2014-9639)

Alerts:
Debian-LTS DLA-317-1 vorbis-tools 2015-09-29
Arch Linux ASA-201503-24 vorbis-tools 2015-03-25
openSUSE openSUSE-SU-2015:0522-1 vorbis-tools 2015-03-18
Fedora FEDORA-2015-2330 vorbis-tools 2015-02-28
Fedora FEDORA-2015-2335 vorbis-tools 2015-02-28
Mageia MGASA-2015-0094 vorbis-tools 2015-03-05
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds