← Back

CVE-2008-1420

nvd nist
Published: May 16, 2008Modified: Apr 23, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.

Affected (6)

Products: Xiph.org: Libvorbis
Xiph.org
1 product
Libvorbis
Configuration A
6 vulnerable · 8 platform
Vulnerable SoftwareAffected Versions
Xiph.org
Libvorbis
Version 1.0.0
Libvorbis
Version 1.0.1
Libvorbis
Version 1.1.0
Libvorbis
Version 1.1.1
Libvorbis
Version 1.12
Libvorbis
Version 1.2.0
Running on/withPlatform Versions
Redhat
Enterprise Linux
Version 2.1
Redhat
Enterprise Linux
Version 2.1
Redhat
Enterprise Linux
Version 2.1
Redhat
Enterprise Linux
Version 4.0
Redhat
Enterprise Linux
Version 5.0
Redhat
Enterprise Linux
Version 5
Redhat
Enterprise Linux
Version 5
Redhat
Linux Advanced Workstation
Version 2.1

Related CWEs

CWE-189
CWE-189

References (52)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Not Applicable
Source: cve@mitre.org
Not Applicable
Source: cve@mitre.org
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Issue Tracking
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List

Timeline

No history available yet.