Oval Definition:	oval:org.mitre.oval:def:22554
Revision Date: 2014-05-26 Version: 24 Title: ELSA-2008:0270: libvorbis security update (Important) Description: Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2008-1419 CVE-2008-1420 CVE-2008-1423 ELSA-2008:0270-01 Platform(s): Oracle Linux 5 Product(s): libvorbis Definition Synopsis Oracle Linux 5.x AND rpm test libvorbis-devel is earlier than 1:1.1.2-3.el5_1.2 OR libvorbis is earlier than 1:1.1.2-3.el5_1.2
BACK