oss-sec mailing list archives

Re: CVE request: two issues in vorbis-tools


From: cve-assign () mitre org
Date: Thu, 22 Jan 2015 11:50:16 -0500 (EST)


On Wed, 21 Jan 2015, Hanno Böck wrote:

On Wed, 21 Jan 2015 13:50:46 +0100
Martin Prpic <mprpic () redhat com> wrote:

Two issues were reported in vorbis-tools on Full Disclosure:

http://seclists.org/fulldisclosure/2015/Jan/78

CVE-2014-9638 - https://trac.xiph.org/ticket/2137 (division by zero)

CVE-2014-9639 - https://trac.xiph.org/ticket/2136 (integer overflow)

(These received IDs from 2014 due to the date of the bug report.)

In addition to that: I reported this issue
https://trac.xiph.org/ticket/2009
a while back which also crashes oggenc.

I didn't think about security implications back then, but it's also an
out of bounds read issue.

After bugging the devs on irc it got fixed in the code but never saw a
release.

Use CVE-2014-9640.

---

CVE assignment team, MITRE CVE Numbering Authority M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
