VYPR

rpm package

suse/vorbis-tools&distro=SUSE Linux Enterprise Server 12

pkg:rpm/suse/vorbis-tools&distro=SUSE%20Linux%20Enterprise%20Server%2012

Vulnerabilities (4)

  • CVE-2015-6749Sep 21, 2015
    affected < 1.4.0-26.1fixed 1.4.0-26.1

    Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.

  • CVE-2014-9640Jan 23, 2015
    affected < 1.4.0-19.1fixed 1.4.0-19.1

    oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

  • CVE-2014-9639Jan 23, 2015
    affected < 1.4.0-23.1fixed 1.4.0-23.1

    Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.

  • CVE-2014-9638Jan 23, 2015
    affected < 1.4.0-23.1fixed 1.4.0-23.1

    oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.