This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Xiph First view 2015-01-23
Product Vorbis-Tools Last view 2017-07-31
Version 1.4.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:xiph:vorbis-tools

Activity : Overall

Related : CVE

  Date Alert Description
5.5 2017-07-31 CVE-2017-11331

The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.

4.3 2015-09-21 CVE-2015-6749

Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.

5 2015-01-23 CVE-2014-9640

oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

5 2015-01-23 CVE-2014-9639

Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.

5 2015-01-23 CVE-2014-9638

oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.

CWE : Common Weakness Enumeration

%idName
100% (3) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Nessus® Vulnerability Scanner

id Description
2017-07-05 Name: The remote Debian host is missing a security update.
File: debian_DLA-1010.nasl - Type: ACT_GATHER_INFO
2015-10-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-1775-1.nasl - Type: ACT_GATHER_INFO
2015-10-19 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-1765-1.nasl - Type: ACT_GATHER_INFO
2015-10-06 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2015-633.nasl - Type: ACT_GATHER_INFO
2015-09-30 Name: The remote Debian host is missing a security update.
File: debian_DLA-317.nasl - Type: ACT_GATHER_INFO
2015-09-17 Name: The remote Fedora host is missing a security update.
File: fedora_2015-14663.nasl - Type: ACT_GATHER_INFO
2015-09-10 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_a35f415d572a11e5b0a4f8b156b6dcc8.nasl - Type: ACT_GATHER_INFO
2015-09-08 Name: The remote Fedora host is missing a security update.
File: fedora_2015-14664.nasl - Type: ACT_GATHER_INFO
2015-06-10 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-1014-1.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-0367-1.nasl - Type: ACT_GATHER_INFO
2015-03-19 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2015-239.nasl - Type: ACT_GATHER_INFO
2015-03-02 Name: The remote Fedora host is missing a security update.
File: fedora_2015-2335.nasl - Type: ACT_GATHER_INFO
2015-03-02 Name: The remote Fedora host is missing a security update.
File: fedora_2015-2330.nasl - Type: ACT_GATHER_INFO
2015-02-09 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2015-114.nasl - Type: ACT_GATHER_INFO
2015-02-09 Name: The remote Mandriva Linux host is missing a security update.
File: mandriva_MDVSA-2015-037.nasl - Type: ACT_GATHER_INFO
2015-02-05 Name: The remote Fedora host is missing a security update.
File: fedora_2015-1191.nasl - Type: ACT_GATHER_INFO
2015-01-30 Name: The remote Fedora host is missing a security update.
File: fedora_2015-1253.nasl - Type: ACT_GATHER_INFO