CVE-2008-1420

Priority
Description
Integer overflow in residue partition value (aka partvals) evaluation in
Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute
arbitrary code via a crafted OGG file, which triggers a heap overflow.
Assigned-to
mdeslaur
Notes
mdeslaurRegression #1: https://trac.xiph.org/ticket/1456
fixes: https://trac.xiph.org/changeset/15532
fixes: https://trac.xiph.org/changeset/15533
Regression #2: https://trac.xiph.org/ticket/1572
fixes: https://trac.xiph.org/changeset/16327
fixes: https://trac.xiph.org/changeset/16552
More Information

Updated: 2020-09-10 00:38:21 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)