FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  452287
Date:      2017-10-17
Time:      17:45:10Z
Committer: swills

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
94edff42-d93d-11de-a434-0211d880e350libvorbis -- multiple vulnerabilities

The Ubuntu security team reports:

It was discovered that libvorbis did not correctly handle certain malformed vorbis files. If a user were tricked into opening a specially crafted vorbis file with an application that uses libvorbis, an attacker could cause a denial of service or possibly execute arbitrary code with the user's privileges.


Discovery 2009-11-24
Entry 2009-11-24
libvorbis
lt 1.2.3_1,3

CVE-2008-1420
CVE-2009-3379
f5a76faf-244c-11dd-b143-0211d880e350libvorbis -- various security issues

Red Hat reports:

Will Drewry of the Google Security Team reported several flaws in the way libvorbis processed audio data. An attacker could create a carefully crafted [Vorbis] audio file in such a way that it could cause an application linked with libvorbis to crash, or execute arbitrary code when it was opened.


Discovery 2008-05-14
Entry 2008-05-17
libvorbis
lt 1.2.0_2,3

CVE-2008-1419
CVE-2008-1420
CVE-2008-1423
https://rhn.redhat.com/errata/RHSA-2008-0270.html
94edff42-d93d-11de-a434-0211d880e350libvorbis -- multiple vulnerabilities

The Ubuntu security team reports:

It was discovered that libvorbis did not correctly handle certain malformed vorbis files. If a user were tricked into opening a specially crafted vorbis file with an application that uses libvorbis, an attacker could cause a denial of service or possibly execute arbitrary code with the user's privileges.


Discovery 2009-11-24
Entry 2009-11-24
libvorbis
lt 1.2.3_1,3

CVE-2008-1420
CVE-2009-3379
b73335a5-3bbe-11dc-8e83-0016179b2dd5libvorbis -- Multiple memory corruption flaws

isecpartners reports:

libvorbis contains several vulnerabilities allowing heap overwrite, read violations and a function pointer overwrite. These bugs cause a at least a denial of service, and potentially code execution.


Discovery 2007-06-05
Entry 2007-07-26
libvorbis
lt 1.2.0,3

http://www.isecpartners.com/advisories/2007-003-libvorbis.txt
CVE-2007-3106
b73335a5-3bbe-11dc-8e83-0016179b2dd5libvorbis -- Multiple memory corruption flaws

isecpartners reports:

libvorbis contains several vulnerabilities allowing heap overwrite, read violations and a function pointer overwrite. These bugs cause a at least a denial of service, and potentially code execution.


Discovery 2007-06-05
Entry 2007-07-26
libvorbis
lt 1.2.0,3

http://www.isecpartners.com/advisories/2007-003-libvorbis.txt
CVE-2007-3106
f5a76faf-244c-11dd-b143-0211d880e350libvorbis -- various security issues

Red Hat reports:

Will Drewry of the Google Security Team reported several flaws in the way libvorbis processed audio data. An attacker could create a carefully crafted [Vorbis] audio file in such a way that it could cause an application linked with libvorbis to crash, or execute arbitrary code when it was opened.


Discovery 2008-05-14
Entry 2008-05-17
libvorbis
lt 1.2.0_2,3

CVE-2008-1419
CVE-2008-1420
CVE-2008-1423
https://rhn.redhat.com/errata/RHSA-2008-0270.html