List: oss-security
Subject: [oss-security] CVE request: vorbis-tools: buffer overflow in aiff_open()
From: "pcheng pcheng" <pcheng () gmx ! com>
Date: 2015-08-29 3:44:07
Message-ID: trinity-116f3199-3a24-4fd2-926b-9e59b39c2a36-1440819846798 () 3capp-mailcom-lxa14
Name : vorbis-tool
Affected Version: <= Revision 19495
URL : https://wiki.xiph.org/Vorbis-tools
Description :
An issue was found in oggenc/audio.c when it tries to open an invalid AIFF file.
274 if(fread(buffer,1,len,in) < len)
The input buffer and length can be controlled by user indirectly via:
260 if(!find_aiff_chunk(in, "COMM", &len))
More info can be found at :
https://trac.xiph.org/ticket/2212
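
The report describes a length taken from the file's COMM chunk reaching fread() as the read size. The following is an added example, not part of the original message and not vorbis-tools code, showing that length validated against the destination buffer before the read. The names read_comm_checked and check_sample and the COMM_MIN/COMM_MAX limits are assumptions made for this illustration.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

#define COMM_MIN 18u  /* assumed minimum: fixed fields of an AIFF COMM chunk */
#define COMM_MAX 64u  /* assumed cap chosen for this example */

/* Hypothetical helper: read one "COMM" chunk body into a fixed buffer.
 * Returns the number of bytes read, or -1 if the chunk is malformed. */
int read_comm_checked(FILE *in, unsigned char *buf, size_t bufsize)
{
    unsigned char hdr[8];
    uint32_t len;
    if (fread(hdr, 1, sizeof hdr, in) != sizeof hdr) return -1;
    if (memcmp(hdr, "COMM", 4) != 0) return -1;
    /* Chunk length is a big-endian 32-bit value taken from the file. */
    len = ((uint32_t)hdr[4] << 24) | ((uint32_t)hdr[5] << 16) |
          ((uint32_t)hdr[6] << 8)  |  (uint32_t)hdr[7];
    /* Reject the untrusted length before it is used as a read size. */
    if (len < COMM_MIN || len > bufsize) return -1;
    if (fread(buf, 1, len, in) != len) return -1;  /* truncated file */
    return (int)len;
}

/* Builds a constructed sample: a COMM header declaring `declared`
 * bytes, followed by `actual` zero bytes of body, then parses it. */
int check_sample(uint32_t declared, size_t actual)
{
    unsigned char hdr[8] = { 'C', 'O', 'M', 'M',
        (unsigned char)(declared >> 24), (unsigned char)(declared >> 16),
        (unsigned char)(declared >> 8),  (unsigned char)declared };
    unsigned char buf[COMM_MAX];
    FILE *f = tmpfile();
    size_t i;
    int r;
    if (!f) return -2;  /* could not create the temporary file */
    fwrite(hdr, 1, sizeof hdr, f);
    for (i = 0; i < actual; i++) fputc(0, f);
    rewind(f);
    r = read_comm_checked(f, buf, sizeof buf);
    fclose(f);
    return r;
}

int main(void)
{
    printf("%d %d\n", check_sample(18, 18), check_sample(0xFFFFFFF0u, 18));
    return 0;
}
```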