FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libvorbis -- various security issues

Affected packages
libvorbis < 1.2.0_2,3

Details

VuXML ID f5a76faf-244c-11dd-b143-0211d880e350
Discovery 2008-05-14
Entry 2008-05-17

Red Hat reports:

Will Drewry of the Google Security Team reported several flaws in the way libvorbis processed audio data. An attacker could create a carefully crafted [Vorbis] audio file in such a way that it could cause an application linked with libvorbis to crash, or execute arbitrary code when it was opened.

[source]

References

CVE Name CVE-2008-1419
CVE Name CVE-2008-1420
CVE Name CVE-2008-1423
URL https://rhn.redhat.com/errata/RHSA-2008-0270.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.