CVE-2008-1419

Impact:
Important
Public Date:
2008-05-14
CWE:
CWE-835
Bugzilla:
440700: CVE-2008-1419 vorbis: zero-dim codebooks can cause crash, infinite loop or heap overflow

The MITRE CVE dictionary describes this issue as:

Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.

Find out more about CVE-2008-1419 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (libvorbis) RHSA-2008:0270 2008-05-14
Red Hat Enterprise Linux 2.1 (libvorbis) RHSA-2008:0271 2008-05-14
Red Hat Enterprise Linux 5 (libvorbis) RHSA-2008:0270 2008-05-14
Red Hat Enterprise Linux 4 (libvorbis) RHSA-2008:0270 2008-05-14

Mitigation

Last Modified

CVE description copyright © 2017, The MITRE Corporation