Xiph : Security Vulnerabilities, CVEs, Published In 2015 (Overflow)
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
Max CVSS
4.3
EPSS Score
2.43%
Published
2015-09-21
Updated
2016-12-08
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
Max CVSS
5.0
EPSS Score
3.27%
Published
2015-01-23
Updated
2018-10-30
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
Max CVSS
5.0
EPSS Score
3.80%
Published
2015-01-23
Updated
2018-10-30
3 vulnerabilities found