Red Hat Customer Portal

Skip to main content

CVE-2009-2663

libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file.

Details Source

Mitre

Public Date

2009-06-24 00:00:00

Impact

Important

Bugzilla

CVE-2009-2663 libvorbis: Improper codec headers processing (DoS, ACE)

Bugzilla ID

516 259

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (libvorbis) RHSA-2009:1219 2009-08-18
Red Hat Enterprise Linux 3 (libvorbis) RHSA-2009:1219 2009-08-18
Red Hat Enterprise Linux 4 (libvorbis) RHSA-2009:1219 2009-08-18