Executive Summary
Summary | |
---|---|
Title | libvorbis vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-682-1 | First vendor Publication | 2008-12-01 |
Vendor | Ubuntu | Last vendor Modification | 2008-12-01 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 7.10: Ubuntu 8.04 LTS: After a standard system upgrade you need to restart any applications that use libvorbis, such as Totem and gtkpod, to effect the necessary changes. Details follow: It was discovered that libvorbis did not correctly handle certain malformed sound files. If a user were tricked into opening a specially crafted sound file with an application that uses libvorbis, an attacker could execute arbitrary code with the user's privileges. |
Original Source
Url : http://www.ubuntu.com/usn/USN-682-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10104 | |||
Oval ID: | oval:org.mitre.oval:def:10104 | ||
Title: | Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. | ||
Description: | Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1419 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13839 | |||
Oval ID: | oval:org.mitre.oval:def:13839 | ||
Title: | USN-825-1 -- libvorbis vulnerability | ||
Description: | It was discovered that libvorbis did not correctly handle certain malformed ogg files. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could execute arbitrary code with the user�s privileges. USN-682-1 provided updated libvorbis packages to fix multiple security vulnerabilities. The upstream security patch to fix CVE-2008-1420 introduced a regression when reading sound files encoded with libvorbis 1.0beta1. This update corrects the problem. Original advisory details: It was discovered that libvorbis did not correctly handle certain malformed sound files. If a user were tricked into opening a specially crafted sound file with an application that uses libvorbis, an attacker could execute arbitrary code with the user�s privileges | ||
Family: | unix | Class: | patch |
Reference(s): | USN-825-1 CVE-2009-2663 CVE-2008-1420 | Version: | 5 |
Platform(s): | Ubuntu 8.10 Ubuntu 8.04 Ubuntu 9.04 | Product(s): | libvorbis |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17233 | |||
Oval ID: | oval:org.mitre.oval:def:17233 | ||
Title: | USN-682-1 -- libvorbis vulnerabilities | ||
Description: | It was discovered that libvorbis did not correctly handle certain malformed sound files. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-682-1 CVE-2008-1419 CVE-2008-1420 CVE-2008-1423 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | libvorbis |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20255 | |||
Oval ID: | oval:org.mitre.oval:def:20255 | ||
Title: | DSA-1591-1 libvorbis - several vulnerabilities | ||
Description: | Several local (remote) vulnerabilities have been discovered in libvorbis, a library for the Vorbis general-purpose compressed audio codec. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1591-1 CVE-2008-1419 CVE-2008-1420 CVE-2008-1423 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libvorbis |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22554 | |||
Oval ID: | oval:org.mitre.oval:def:22554 | ||
Title: | ELSA-2008:0270: libvorbis security update (Important) | ||
Description: | Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0270-01 CVE-2008-1419 CVE-2008-1420 CVE-2008-1423 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | libvorbis |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8013 | |||
Oval ID: | oval:org.mitre.oval:def:8013 | ||
Title: | DSA-1591 libvorbis -- several vulnerabilities | ||
Description: | Several local (remote) vulnerabilities have been discovered in libvorbis, a library for the Vorbis general-purpose compressed audio codec. The Common Vulnerabilities and Exposures project identifies the following problems: libvorbis does not properly handle a zero value which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. Integer overflow in libvorbis allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. Integer overflow in libvorbis allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file which triggers a heap overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1591 CVE-2008-1419 CVE-2008-1420 CVE-2008-1423 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libvorbis |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9500 | |||
Oval ID: | oval:org.mitre.oval:def:9500 | ||
Title: | Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. | ||
Description: | Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1420 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9851 | |||
Oval ID: | oval:org.mitre.oval:def:9851 | ||
Title: | Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. | ||
Description: | Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1423 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-12-03 | Name : FreeBSD Ports: libvorbis File : nvt/freebsd_libvorbis1.nasl |
2009-10-13 | Name : SLES10: Security update for libvorbis File : nvt/sles10_libvorbis.nasl |
2009-10-10 | Name : SLES9: Security update for libvorbis File : nvt/sles9p5026120.nasl |
2009-09-02 | Name : Ubuntu USN-825-1 (libvorbis) File : nvt/ubuntu_825_1.nasl |
2009-04-09 | Name : Mandriva Update for libvorbis MDVSA-2008:102 (libvorbis) File : nvt/gb_mandriva_MDVSA_2008_102.nasl |
2009-03-23 | Name : Ubuntu Update for libvorbis vulnerabilities USN-682-1 File : nvt/gb_ubuntu_USN_682_1.nasl |
2009-03-06 | Name : RedHat Update for libvorbis RHSA-2008:0270-01 File : nvt/gb_RHSA-2008_0270-01_libvorbis.nasl |
2009-03-06 | Name : RedHat Update for libvorbis RHSA-2008:0271-01 File : nvt/gb_RHSA-2008_0271-01_libvorbis.nasl |
2009-02-27 | Name : CentOS Update for libvorbis CESA-2008:0270 centos3 i386 File : nvt/gb_CESA-2008_0270_libvorbis_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for libvorbis CESA-2008:0270 centos3 x86_64 File : nvt/gb_CESA-2008_0270_libvorbis_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for libvorbis CESA-2008:0271-01 centos2 i386 File : nvt/gb_CESA-2008_0271-01_libvorbis_centos2_i386.nasl |
2009-02-17 | Name : Fedora Update for libvorbis FEDORA-2008-3898 File : nvt/gb_fedora_2008_3898_libvorbis_fc7.nasl |
2009-02-17 | Name : Fedora Update for libvorbis FEDORA-2008-3934 File : nvt/gb_fedora_2008_3934_libvorbis_fc8.nasl |
2009-02-17 | Name : Fedora Update for libvorbis FEDORA-2008-3910 File : nvt/gb_fedora_2008_3910_libvorbis_fc9.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200806-09 (libvorbis) File : nvt/glsa_200806_09.nasl |
2008-09-04 | Name : FreeBSD Ports: libvorbis File : nvt/freebsd_libvorbis0.nasl |
2008-06-11 | Name : Debian Security Advisory DSA 1591-1 (libvorbis) File : nvt/deb_1591_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45157 | libvorbis OGG File quantvals / quantlist Processing Overflow |
45156 | libvorbis OGG File Residue Partition Values Processing Overflow |
45155 | libvorbis OGG File Codebook Dimension Handling Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-08-26 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_3dac84c9bce141999784d68af1eb7b2e.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0270.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080514_libvorbis_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2009-11-25 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_94edff42d93d11dea4340211d880e350.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12159.nasl - Type : ACT_GATHER_INFO |
2009-08-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-825-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-102.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-682-1.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200806-09.nasl - Type : ACT_GATHER_INFO |
2008-06-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1591.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libvorbis-5259.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote openSUSE host is missing a security update. File : suse_libvorbis-5258.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_f5a76faf244c11ddb1430211d880e350.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0270.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0271.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3898.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0270.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3934.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3910.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:05:29 |
|