rpm package
suse/vorbis-tools&distro=SUSE Linux Enterprise Desktop 11 SP4
pkg:rpm/suse/vorbis-tools&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-6749 | — | < 1.1.1-174.1 | 1.1.1-174.1 | Sep 21, 2015 | Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file. | ||
| CVE-2014-9639 | — | < 1.1.1-174.1 | 1.1.1-174.1 | Jan 23, 2015 | Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access. | ||
| CVE-2014-9638 | — | < 1.1.1-174.1 | 1.1.1-174.1 | Jan 23, 2015 | oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero. |
- CVE-2015-6749Sep 21, 2015affected < 1.1.1-174.1fixed 1.1.1-174.1
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
- CVE-2014-9639Jan 23, 2015affected < 1.1.1-174.1fixed 1.1.1-174.1
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
- CVE-2014-9638Jan 23, 2015affected < 1.1.1-174.1fixed 1.1.1-174.1
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.