Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9640

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-9640
Last Modified 17 Apr 2015 09:59:48
Published 23 Jan 2015 10:59:10
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-9640

Summary

oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

Vulnerable Systems

Operating System

  • Novell Opensuse 13.1

  • Novell Opensuse 13.2

Application

  • Xiph Vorbis-tools 1.4.0


References

CONFIRM - https://trac.xiph.org/ticket/2009

CONFIRM - https://trac.xiph.org/changeset/19117

MLIST - [oss-security] 20150122 Re: CVE request: two issues in vorbis-tools

MLIST - [oss-security] 20150121 Re: CVE request: two issues in vorbis-tools

SUSE - openSUSE-SU-2015:0231

MANDRIVA - MDVSA-2015:037

CONFIRM - http://advisories.mageia.org/MGASA-2015-0051.html

FEDORA - FEDORA-2015-1253


Last Updated: 27 May 2016 11:03:27