Executive Summary
Summary | |
---|---|
Title | libvorbis security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0270 | First vendor Publication | 2008-05-14 |
Vendor | RedHat | Last vendor Modification | 2008-05-14 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated libvorbis packages that fix various security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format. Will Drewry of the Google Security Team reported several flaws in the way libvorbis processed audio data. An attacker could create a carefully crafted OGG audio file in such a way that it could cause an application linked with libvorbis to crash, or execute arbitrary code when it was opened. (CVE-2008-1419, CVE-2008-1420, CVE-2008-1423) Moreover, additional OGG file sanity-checks have been added to prevent possible exploitation of similar issues in the future. Users of libvorbis are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 440700 - CVE-2008-1419 vorbis: zero-dim codebooks can cause crash, infinite loop or heap overflow 440706 - CVE-2008-1420 vorbis: integer overflow in partvals computation 440709 - CVE-2008-1423 vorbis: integer oveflow caused by huge codebooks |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0270.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10104 | |||
Oval ID: | oval:org.mitre.oval:def:10104 | ||
Title: | Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. | ||
Description: | Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1419 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13839 | |||
Oval ID: | oval:org.mitre.oval:def:13839 | ||
Title: | USN-825-1 -- libvorbis vulnerability | ||
Description: | It was discovered that libvorbis did not correctly handle certain malformed ogg files. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could execute arbitrary code with the user�s privileges. USN-682-1 provided updated libvorbis packages to fix multiple security vulnerabilities. The upstream security patch to fix CVE-2008-1420 introduced a regression when reading sound files encoded with libvorbis 1.0beta1. This update corrects the problem. Original advisory details: It was discovered that libvorbis did not correctly handle certain malformed sound files. If a user were tricked into opening a specially crafted sound file with an application that uses libvorbis, an attacker could execute arbitrary code with the user�s privileges | ||
Family: | unix | Class: | patch |
Reference(s): | USN-825-1 CVE-2009-2663 CVE-2008-1420 | Version: | 5 |
Platform(s): | Ubuntu 8.10 Ubuntu 8.04 Ubuntu 9.04 | Product(s): | libvorbis |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17233 | |||
Oval ID: | oval:org.mitre.oval:def:17233 | ||
Title: | USN-682-1 -- libvorbis vulnerabilities | ||
Description: | It was discovered that libvorbis did not correctly handle certain malformed sound files. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-682-1 CVE-2008-1419 CVE-2008-1420 CVE-2008-1423 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | libvorbis |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20255 | |||
Oval ID: | oval:org.mitre.oval:def:20255 | ||
Title: | DSA-1591-1 libvorbis - several vulnerabilities | ||
Description: | Several local (remote) vulnerabilities have been discovered in libvorbis, a library for the Vorbis general-purpose compressed audio codec. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1591-1 CVE-2008-1419 CVE-2008-1420 CVE-2008-1423 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libvorbis |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22554 | |||
Oval ID: | oval:org.mitre.oval:def:22554 | ||
Title: | ELSA-2008:0270: libvorbis security update (Important) | ||
Description: | Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0270-01 CVE-2008-1419 CVE-2008-1420 CVE-2008-1423 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | libvorbis |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8013 | |||
Oval ID: | oval:org.mitre.oval:def:8013 | ||
Title: | DSA-1591 libvorbis -- several vulnerabilities | ||
Description: | Several local (remote) vulnerabilities have been discovered in libvorbis, a library for the Vorbis general-purpose compressed audio codec. The Common Vulnerabilities and Exposures project identifies the following problems: libvorbis does not properly handle a zero value which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. Integer overflow in libvorbis allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. Integer overflow in libvorbis allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file which triggers a heap overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1591 CVE-2008-1419 CVE-2008-1420 CVE-2008-1423 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libvorbis |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9500 | |||
Oval ID: | oval:org.mitre.oval:def:9500 | ||
Title: | Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. | ||
Description: | Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1420 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9851 | |||
Oval ID: | oval:org.mitre.oval:def:9851 | ||
Title: | Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. | ||
Description: | Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1423 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-12-03 | Name : FreeBSD Ports: libvorbis File : nvt/freebsd_libvorbis1.nasl |
2009-10-13 | Name : SLES10: Security update for libvorbis File : nvt/sles10_libvorbis.nasl |
2009-10-10 | Name : SLES9: Security update for libvorbis File : nvt/sles9p5026120.nasl |
2009-09-02 | Name : Ubuntu USN-825-1 (libvorbis) File : nvt/ubuntu_825_1.nasl |
2009-04-09 | Name : Mandriva Update for libvorbis MDVSA-2008:102 (libvorbis) File : nvt/gb_mandriva_MDVSA_2008_102.nasl |
2009-03-23 | Name : Ubuntu Update for libvorbis vulnerabilities USN-682-1 File : nvt/gb_ubuntu_USN_682_1.nasl |
2009-03-06 | Name : RedHat Update for libvorbis RHSA-2008:0270-01 File : nvt/gb_RHSA-2008_0270-01_libvorbis.nasl |
2009-03-06 | Name : RedHat Update for libvorbis RHSA-2008:0271-01 File : nvt/gb_RHSA-2008_0271-01_libvorbis.nasl |
2009-02-27 | Name : CentOS Update for libvorbis CESA-2008:0270 centos3 i386 File : nvt/gb_CESA-2008_0270_libvorbis_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for libvorbis CESA-2008:0270 centos3 x86_64 File : nvt/gb_CESA-2008_0270_libvorbis_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for libvorbis CESA-2008:0271-01 centos2 i386 File : nvt/gb_CESA-2008_0271-01_libvorbis_centos2_i386.nasl |
2009-02-17 | Name : Fedora Update for libvorbis FEDORA-2008-3898 File : nvt/gb_fedora_2008_3898_libvorbis_fc7.nasl |
2009-02-17 | Name : Fedora Update for libvorbis FEDORA-2008-3934 File : nvt/gb_fedora_2008_3934_libvorbis_fc8.nasl |
2009-02-17 | Name : Fedora Update for libvorbis FEDORA-2008-3910 File : nvt/gb_fedora_2008_3910_libvorbis_fc9.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200806-09 (libvorbis) File : nvt/glsa_200806_09.nasl |
2008-09-04 | Name : FreeBSD Ports: libvorbis File : nvt/freebsd_libvorbis0.nasl |
2008-06-11 | Name : Debian Security Advisory DSA 1591-1 (libvorbis) File : nvt/deb_1591_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45157 | libvorbis OGG File quantvals / quantlist Processing Overflow |
45156 | libvorbis OGG File Residue Partition Values Processing Overflow |
45155 | libvorbis OGG File Codebook Dimension Handling Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-08-26 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_3dac84c9bce141999784d68af1eb7b2e.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0270.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080514_libvorbis_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2009-11-25 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_94edff42d93d11dea4340211d880e350.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12159.nasl - Type : ACT_GATHER_INFO |
2009-08-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-825-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-102.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-682-1.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200806-09.nasl - Type : ACT_GATHER_INFO |
2008-06-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1591.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libvorbis-5259.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote openSUSE host is missing a security update. File : suse_libvorbis-5258.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_f5a76faf244c11ddb1430211d880e350.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0270.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0271.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3898.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0270.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3934.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3910.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:37 |
|