rpm package
suse/vorbis-tools&distro=SUSE Linux Enterprise Server for SAP Applications 12
pkg:rpm/suse/vorbis-tools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-6749 | — | < 1.4.0-26.1 | 1.4.0-26.1 | Sep 21, 2015 | Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file. | ||
| CVE-2014-9640 | — | < 1.4.0-19.1 | 1.4.0-19.1 | Jan 23, 2015 | oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file. | ||
| CVE-2014-9639 | — | < 1.4.0-23.1 | 1.4.0-23.1 | Jan 23, 2015 | Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access. | ||
| CVE-2014-9638 | — | < 1.4.0-23.1 | 1.4.0-23.1 | Jan 23, 2015 | oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero. |
- CVE-2015-6749Sep 21, 2015affected < 1.4.0-26.1fixed 1.4.0-26.1
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
- CVE-2014-9640Jan 23, 2015affected < 1.4.0-19.1fixed 1.4.0-19.1
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
- CVE-2014-9639Jan 23, 2015affected < 1.4.0-23.1fixed 1.4.0-23.1
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
- CVE-2014-9638Jan 23, 2015affected < 1.4.0-23.1fixed 1.4.0-23.1
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.