Vulnerabilities > Xiph ORG
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-16 | CVE-2008-1423 | Numeric Errors vulnerability in Xiph.Org Libvorbis Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. | 9.3 |
| 2008-05-16 | CVE-2008-1420 | Numeric Errors vulnerability in Xiph.Org Libvorbis Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. | 6.8 |
| 2008-05-16 | CVE-2008-1419 | Improper Input Validation vulnerability in Xiph.Org Libvorbis Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. | 4.3 |
| 2007-09-21 | CVE-2007-4066 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xiph.Org Libvorbis Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array. | 4.3 |
| 2007-09-21 | CVE-2007-4065 | Unspecified vulnerability in Xiph.Org Libvorbis lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted OGG file, aka trac Changeset 13217. network xiph-org | 4.3 |