CVE-2008-1423 : Integer overflow in a certain quantvals and quantlist calculation in Xiph.org li

Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow.

Published 2008-05-16 12:54:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute codeDenial of service

Products affected by CVE-2008-1423

Xiph.org » Libvorbis » Version: 1.1.0
cpe:2.3:a:xiph.org:libvorbis:1.1.0:*:*:*:*:*:*:*
Matching versions
When used together with: Redhat » Enterprise Linux » Version: 2.1 AS Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 ES Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 WS Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Workstation Edition
When used together with: Redhat » Enterprise Linux » Version: 5.0
When used together with: Redhat » Linux Advanced Workstation » Version: 2.1 Itanium Edition
Xiph.org » Libvorbis » Version: 1.1.1
cpe:2.3:a:xiph.org:libvorbis:1.1.1:*:*:*:*:*:*:*
Matching versions
When used together with: Redhat » Enterprise Linux » Version: 2.1 AS Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 ES Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 WS Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Workstation Edition
When used together with: Redhat » Enterprise Linux » Version: 5.0
When used together with: Redhat » Linux Advanced Workstation » Version: 2.1 Itanium Edition
Xiph.org » Libvorbis » Version: 1.0.0
cpe:2.3:a:xiph.org:libvorbis:1.0.0:*:*:*:*:*:*:*
Matching versions
When used together with: Redhat » Enterprise Linux » Version: 2.1 AS Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 ES Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 WS Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Workstation Edition
When used together with: Redhat » Enterprise Linux » Version: 5.0
When used together with: Redhat » Linux Advanced Workstation » Version: 2.1 Itanium Edition
Xiph.org » Libvorbis » Version: 1.0.1
cpe:2.3:a:xiph.org:libvorbis:1.0.1:*:*:*:*:*:*:*
Matching versions
When used together with: Redhat » Enterprise Linux » Version: 2.1 AS Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 ES Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 WS Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Workstation Edition
When used together with: Redhat » Enterprise Linux » Version: 5.0
When used together with: Redhat » Linux Advanced Workstation » Version: 2.1 Itanium Edition
Xiph.org » Libvorbis » Version: 1.2.0
cpe:2.3:a:xiph.org:libvorbis:1.2.0:*:*:*:*:*:*:*
Matching versions
When used together with: Redhat » Enterprise Linux » Version: 2.1 AS Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 ES Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 WS Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Workstation Edition
When used together with: Redhat » Enterprise Linux » Version: 5.0
When used together with: Redhat » Linux Advanced Workstation » Version: 2.1 Itanium Edition
Xiph.org » Libvorbis » Version: 1.1.2
cpe:2.3:a:xiph.org:libvorbis:1.1.2:*:*:*:*:*:*:*
Matching versions
When used together with: Redhat » Enterprise Linux » Version: 2.1 AS Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 ES Edition
When used together with: Redhat » Enterprise Linux » Version: 2.1 WS Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Edition
When used together with: Redhat » Enterprise Linux » Version: 5 Client Workstation Edition
When used together with: Redhat » Enterprise Linux » Version: 5.0
When used together with: Redhat » Linux Advanced Workstation » Version: 2.1 Itanium Edition

Exploit prediction scoring system (EPSS) score for CVE-2008-1423

EPSS FAQ

6.47%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 90 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2008-1423

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2008-1423

CWE-189

Assigned by: nvd@nist.gov (Primary)

References for CVE-2008-1423

http://www.vupen.com/english/advisories/2008/1510/references

Site en construction
Broken Link

CVEs referencing this url
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00247.html

[SECURITY] Fedora 7 Update: libvorbis-1.1.2-4.fc7
Mailing List

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=440709

440709 – (CVE-2008-1423) CVE-2008-1423 vorbis: integer oveflow caused by huge codebooks
Issue Tracking
http://secunia.com/advisories/30247

About Secunia Research | Flexera
Permissions Required;Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/30234

About Secunia Research | Flexera
Permissions Required;Third Party Advisory

CVEs referencing this url
http://www.securitytracker.com/id?1020029

GoDaddy Domain Name Search
Third Party Advisory;VDB Entry

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9851

404 Not Found
http://www.debian.org/security/2008/dsa-1591

[SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/29206

Third Party Advisory;VDB Entry

CVEs referencing this url
http://secunia.com/advisories/30581

About Secunia Research | Flexera
Permissions Required;Third Party Advisory

CVEs referencing this url
http://www.redhat.com/support/errata/RHSA-2008-0270.html

Support
Not Applicable

CVEs referencing this url
http://security.gentoo.org/glsa/glsa-200806-09.xml

libvorbis: Multiple vulnerabilities (GLSA 200806-09) — Gentoo security
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/30479

About Secunia Research | Flexera
Permissions Required;Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/30820

About Secunia Research | Flexera
Permissions Required;Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/30259

About Secunia Research | Flexera
Permissions Required;Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/32946

About Secunia Research | Flexera
Permissions Required;Third Party Advisory

CVEs referencing this url
http://www.redhat.com/support/errata/RHSA-2008-0271.html

Support
Not Applicable

CVEs referencing this url
http://www.ubuntu.com/usn/USN-682-1

USN-682-1: libvorbis vulnerabilities | Ubuntu security notices | Ubuntu
Third Party Advisory

CVEs referencing this url
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00256.html

[SECURITY] Fedora 9 Update: libvorbis-1.2.0-4.fc9
Mailing List

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDVSA-2008:102

Mandriva
Broken Link

CVEs referencing this url
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00243.html

[SECURITY] Fedora 8 Update: libvorbis-1.2.0-2.fc8
Mailing List

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html

[security-announce] SUSE Security Summary Report SUSE-SR:2008:012 - openSUSE Security Announce - openSUSE Mailing Lists
Third Party Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/42403

libvorbis quantvals and quantlist buffer overflow CVE-2008-1423 Vulnerability Report
http://secunia.com/advisories/30237

About Secunia Research | Flexera
Permissions Required;Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2008-1423

Products affected by CVE-2008-1423

Exploit prediction scoring system (EPSS) score for CVE-2008-1423

CVSS scores for CVE-2008-1423

CWE ids for CVE-2008-1423

References for CVE-2008-1423