Xiph: >> Vorbis-Tools Security Vulnerabilities
Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-02
The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.
CVSS Score
5.5
EPSS Score
0.021
Published
2017-07-31
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
CVSS Score
4.3
EPSS Score
0.025
Published
2015-09-21
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
CVSS Score
5.0
EPSS Score
0.013
Published
2015-01-23
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
CVSS Score
5.0
EPSS Score
0.014
Published
2015-01-23
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
CVSS Score
5.0
EPSS Score
0.013
Published
2015-01-23