4.3
CVE-2008-1419
- EPSS 4.25%
- Veröffentlicht 16.05.2008 12:54:00
- Zuletzt bearbeitet 16.06.2026 22:51:42
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Xiph.Org ≫ Libvorbis Version1.0.0
Redhat ≫ Enterprise Linux Version2.1 Editionas
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Xiph.Org ≫ Libvorbis Version1.0.1
Redhat ≫ Enterprise Linux Version2.1 Editionas
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Xiph.Org ≫ Libvorbis Version1.1.0
Redhat ≫ Enterprise Linux Version2.1 Editionas
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Xiph.Org ≫ Libvorbis Version1.1.1
Redhat ≫ Enterprise Linux Version2.1 Editionas
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Xiph.Org ≫ Libvorbis Version1.2.0
Redhat ≫ Enterprise Linux Version2.1 Editionas
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Xiph.Org ≫ Libvorbis Version1.12
Redhat ≫ Enterprise Linux Version2.1 Editionas
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
Redhat ≫ Enterprise Linux Version2.1 Editiones
Redhat ≫ Enterprise Linux Version2.1 Editionws
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version5 Editionclient
Redhat ≫ Enterprise Linux Version5 Editionclient_workstation
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Linux Advanced Workstation Version2.1 Editionitanium
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.25% | 0.898 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html
http://secunia.com/advisories/30581
http://secunia.com/advisories/30234
http://secunia.com/advisories/30237
http://secunia.com/advisories/30247
http://secunia.com/advisories/30259
http://secunia.com/advisories/30479
http://secunia.com/advisories/30820
http://secunia.com/advisories/32946
http://security.gentoo.org/glsa/glsa-200806-09.xml
http://www.debian.org/security/2008/dsa-1591
http://www.mandriva.com/security/advisories?name=MDVSA-2008:102
http://www.redhat.com/support/errata/RHSA-2008-0270.html
http://www.redhat.com/support/errata/RHSA-2008-0271.html
http://www.securityfocus.com/bid/29206
http://www.securitytracker.com/id?1020029
http://www.ubuntu.com/usn/USN-682-1
http://www.vupen.com/english/advisories/2008/1510/references
https://bugzilla.redhat.com/show_bug.cgi?id=440700
https://exchange.xforce.ibmcloud.com/vulnerabilities/42397
https://exchange.xforce.ibmcloud.com/vulnerabilities/42400
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10104
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00243.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00247.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00256.html