|Bugzilla:||444443: CVE-2008-2009 vorbis: insufficient validation of Huffman tree causing memory corruption in _make_decode_tree()|
The MITRE CVE dictionary describes this issue as:
Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.
Red Hat security errata
|Red Hat Enterprise Linux version 2.1 (libvorbis)||RHSA-2008:0271||May 14, 2008|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.