Stb Vorbis Project

stb_vorbis_project

8 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-13223 2Debian Stb Vorbis Project 2Debian Linux Stb Vorbis Nov 21, 2024 Aug 15, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.
CVE-2019-13222 2Debian Stb Vorbis Project 2Debian Linux Stb Vorbis Nov 21, 2024 Aug 15, 2019 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.
CVE-2019-13221 2Debian Stb Vorbis Project 2Debian Linux Stb Vorbis Nov 21, 2024 Aug 15, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.
CVE-2019-13220 2Debian Stb Vorbis Project 2Debian Linux Stb Vorbis Nov 21, 2024 Aug 15, 2019 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.
CVE-2019-13219 2Debian Stb Vorbis Project 2Debian Linux Stb Vorbis Nov 21, 2024 Aug 15, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.
CVE-2019-13218 2Debian Stb Vorbis Project 2Debian Linux Stb Vorbis Nov 21, 2024 Aug 15, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.
CVE-2019-13217 2Debian Stb Vorbis Project 2Debian Linux Stb Vorbis Nov 21, 2024 Aug 15, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.
CVE-2018-1000050 1Stb Vorbis Project 1Stb Vorbis Nov 21, 2024 Feb 9, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This a...Show more Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg Vorbis file. This vulnerability appears to have been fixed in 1.13.Show less