New Search

libvorbis 1.1.2 and possibly other versions before 1.2.0 allows context-dependent attackers to cause a denial of service via (1) an invalid mapping type which triggers an out-of-bounds read in the vorbis_info_clear function in info.c and (2) invalid blocksize values that trigger a segmentation fault in the read function in block.c.

oval:org.mitre.oval:def:10570

libvorbis 1.1.2 and possibly other versions before 1.2.0 allows context-dependent attackers to cause a denial of service via (1) an invalid mapping type which triggers an out-of-bounds read in the vorbis_info_clear function in info.c and (2) invalid blocksize values that trigger a segmentation fault in the read function in block.c.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 3
  • Red Hat Enterprise Linux 4
  • Oracle Linux 5
  • Oracle Linux 4
  • CentOS Linux 4
  • CentOS Linux 5
  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2007-4029
Product(s):