What is CVE-2007-4029?

CVE-2007-4029 is a vulnerability in Libvorbis. Published 2007-07-26.

Is CVE-2007-4029 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Libvorbis

CVE-2007-4029

libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service via (1) an invalid mapping type, which triggers an out-of-bounds read in the vorbis_info_clear function in info.c, a…

EPSS: 0.017 (73.7th percentile) — read the EPSS interpretation.

Affected products

Libvorbis — versions 1.1.2
Rpath Rpath_linux — versions 1, 1.0.1, 1.0.2
N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

secalert@redhat.com (x_refsource_MISC)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory)
secalert@redhat.com (vdb-entry, x_refsource_VUPEN)
secalert@redhat.com (vdb-entry, x_refsource_XF)
secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
secalert@redhat.com (vendor-advisory, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2007-4029?: CVE-2007-4029 is a vulnerability in Libvorbis. Published 2007-07-26.
Is CVE-2007-4029 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.