Skip to navigation

CVE Database

CVE-2008-1420

Impact: Important
Public: 2008-05-14
Bugzilla: 440706: CVE-2008-1420 vorbis: integer overflow in partvals computation

Details

The MITRE CVE dictionary describes this issue as:

Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.

Find out more about CVE-2008-1420 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (libvorbis) RHSA-2008:0271 May 14, 2008
Red Hat Enterprise Linux version 3 (libvorbis) RHSA-2008:0270 May 14, 2008
Red Hat Enterprise Linux version 4 (libvorbis) RHSA-2008:0270 May 14, 2008
Red Hat Enterprise Linux version 5 (libvorbis) RHSA-2008:0270 May 14, 2008

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.