Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Libvorbis内存破坏及拒绝服务漏洞
Vulnerability Description
libvorbis是开源的音频音乐编码解码函数库。 libvorbis在处理畸形格式的音频文件时存在漏洞,攻击者可能利用此漏洞诱使用户处理畸形文档控制用户系统。 info.c文件的vorbis_info_clear()函数在执行清理操作期间,无效的映射类型可能导致越界查询分发表,且偏移是用户可控的。 如果提供了无效的blocksize_0和blocksize_1值的话,就可能在libvorbis的res0.c文件的_01inverse()函数中导致堆覆盖;此外无效的blocksize值还会导致block.
CVSS Information
N/A
Vulnerability Type
N/A