Vulnerabilities > Xiph ORG > Libvorbis > 1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-16 | CVE-2008-2009 | Denial-Of-Service vulnerability in Libvorbis Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function. | 4.3 |
| 2007-09-21 | CVE-2007-4066 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xiph.Org Libvorbis Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array. | 4.3 |
| 2007-09-21 | CVE-2007-4065 | Unspecified vulnerability in Xiph.Org Libvorbis lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted OGG file, aka trac Changeset 13217. network xiph-org | 4.3 |