Vulnerability Details CVE-2017-11333
The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.9%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://seclists.org/fulldisclosure/2017/Jul/82
- https://lists.debian.org/debian-lts-announce/2018/04/msg00033.html
- https://lists.debian.org/debian-lts-announce/2019/12/msg00021.html
- https://www.exploit-db.com/exploits/42399/
- http://seclists.org/fulldisclosure/2017/Jul/82
- https://lists.debian.org/debian-lts-announce/2018/04/msg00033.html
- https://lists.debian.org/debian-lts-announce/2019/12/msg00021.html
- https://www.exploit-db.com/exploits/42399/