Vulnerability in Libvorbis
CVE-2007-3106
lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_0 and (2) blocksize_1 values, which trig…
EPSS: 0.031 (86.2th percentile) — read the EPSS interpretation.
Affected products
- Libvorbis — versions 1.1.2
- Rpath Rpath_linux — versions 1, 1.0.1, 1.0.2
- N/a — versions n/a
Weakness classification (CWE)
References
- secalert@redhat.com (x_refsource_MISC)
- secalert@redhat.com (x_refsource_CONFIRM, Patch)
- secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory)
- secalert@redhat.com (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (signature, x_refsource_OVAL, vdb-entry)
- secalert@redhat.com (vendor-advisory, x_refsource_DEBIAN)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)