CVE-2008-1419 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-1419
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-1419

Description: Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/42397 http://xforce.iss.net/xforce/xfdb/42400 UBUNTU http://www.ubuntu.com/usn/USN-682-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html ST 1020029 SAID Secunia Advisory: SA30820 Secunia Advisory: SA30581 Secunia Advisory: SA30237 Secunia Advisory: SA30247 Secunia Advisory: SA30259 Secunia Advisory: SA30479 Secunia Advisory: SA32946 Secunia Advisory: SA30234 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0270.html http://www.redhat.com/support/errata/RHSA-2008-0271.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:102 GENTOO http://security.gentoo.org/glsa/glsa-200806-09.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1591 CONFIRM BID 29206

Return to the previous page.