VYPR

rpm package

opensuse/stb&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/stb&distro=openSUSE%20Tumbleweed

Vulnerabilities (7)

  • CVE-2019-13223Aug 15, 2019
    affected < 2.36.1594640766.b42009b-1.4fixed 2.36.1594640766.b42009b-1.4

    A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.

  • CVE-2019-13222Aug 15, 2019
    affected < 2.36.1594640766.b42009b-1.4fixed 2.36.1594640766.b42009b-1.4

    An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.

  • CVE-2019-13221Aug 15, 2019
    affected < 2.36.1594640766.b42009b-1.4fixed 2.36.1594640766.b42009b-1.4

    A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.

  • CVE-2019-13220Aug 15, 2019
    affected < 2.36.1594640766.b42009b-1.4fixed 2.36.1594640766.b42009b-1.4

    Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.

  • CVE-2019-13219Aug 15, 2019
    affected < 2.36.1594640766.b42009b-1.4fixed 2.36.1594640766.b42009b-1.4

    A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.

  • CVE-2019-13218Aug 15, 2019
    affected < 2.36.1594640766.b42009b-1.4fixed 2.36.1594640766.b42009b-1.4

    Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.

  • CVE-2019-13217Aug 15, 2019
    affected < 2.36.1594640766.b42009b-1.4fixed 2.36.1594640766.b42009b-1.4

    A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.