| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-14633 | 4.3 |
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis().
|
07-12-2020 - 20:31 | 21-09-2017 - 07:29 | |
| CVE-2017-14632 | 7.5 |
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
|
07-12-2020 - 20:26 | 21-09-2017 - 07:29 | |
| CVE-2017-11333 | 4.3 |
The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file.
|
03-10-2019 - 00:03 | 31-07-2017 - 13:29 | |
| CVE-2018-5146 | 6.8 |
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
|
11-03-2019 - 19:33 | 11-06-2018 - 21:29 |