FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-1419

This CVE name corresponds to:

Entered Topic
2015-08-25 libtremor -- multiple vulnerabilities
2008-05-17 libvorbis -- various security issues

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-1419 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-1419
Phase Assigned(20080320)

Description

Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.

References

Source Reference
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=440700
DEBIAN DSA-1591
FEDORA FEDORA-2008-3898
FEDORA FEDORA-2008-3910
FEDORA FEDORA-2008-3934
GENTOO GLSA-200806-09
MANDRIVA MDVSA-2008:102
REDHAT RHSA-2008:0270
REDHAT RHSA-2008:0271
SUSE SUSE-SR:2008:012
UBUNTU USN-682-1
BID 29206
OVAL oval:org.mitre.oval:def:10104
SECUNIA 32946
VUPEN ADV-2008-1510
SECTRACK 1020029
SECUNIA 30234
SECUNIA 30237
SECUNIA 30247
SECUNIA 30259
SECUNIA 30479
SECUNIA 30581
SECUNIA 30820
XF libvorbis-ogg-bo(42397)
XF libvorbis-ogg-dos(42400)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.