Xiph.org Libvorbis
4 CVEs affecting Xiph.org Libvorbis. Latest disclosed: 2017-09-21. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-14632 | Critical | 9.8 | 2017-09-21 | Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels… |
CVE-2017-14160 | High | 8.8 | 2017-09-21 | The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and applicatio… |
CVE-2017-14633 | Medium | 6.5 | 2017-09-21 | In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when oper… |
CVE-2017-11333 | Medium | 5.5 | 2017-07-31 | The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file. |