Vulnerability CVE-2008-1419 - CERT Civis.Net

Vulnerability Name:

CVE-2008-1419 (CCN-42400)

Assigned:

2008-05-14

Published:

2008-05-14

Updated:

2017-09-29

Summary:

Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2008-1419

Source: SUSE
Type: Third Party Advisory
SUSE-SR:2008:012

Source: CCN
Type: RHSA-2008-0270
Important: libvorbis security update

Source: CCN
Type: RHSA-2008-0271
Important: libvorbis security update

Source: CCN
Type: SA30234
libvorbis Multiple Vulnerabilities

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
30234

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
30237

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
30247

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
30259

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
30479

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
30581

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
30820

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
32946

Source: GENTOO
Type: Third Party Advisory
GLSA-200806-09

Source: CCN
Type: SECTRACK ID: 1020029
libvorbis Bugs Let Remote Users Deny Service or Execute Arbitrary Code

Source: CCN
Type: ASA-2008-208
libvorbis security update (RHSA-2008-0271)

Source: CCN
Type: ASA-2008-212
libvorbis security update (RHSA-2008-0270)

Source: DEBIAN
Type: Third Party Advisory
DSA-1591

Source: DEBIAN
Type: DSA-1591
libvorbis -- several vulnerabilities

Source: CCN
Type: GLSA-200806-09
libvorbis: Multiple vulnerabilities

Source: MANDRIVA
Type: Broken Link
MDVSA-2008:102

Source: CCN
Type: OSVDB ID: 45155
libvorbis OGG File Codebook Dimension Handling Overflow

Source: REDHAT
Type: Not Applicable
RHSA-2008:0270

Source: REDHAT
Type: Not Applicable
RHSA-2008:0271

Source: BID
Type: Third Party Advisory, VDB Entry
29206

Source: CCN
Type: BID-29206
libvorbis Multiple Remote Vulnerabilities

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1020029

Source: CCN
Type: USN-682-1
libvorbis vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-682-1

Source: VUPEN
Type: Broken Link
ADV-2008-1510

Source: CCN
Type: Xiph SVN repository
Xiph.Org

Source: CCN
Type: xiph Web site
Vorbis audio compression

Source: CONFIRM
Type: Exploit, Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=440700

Source: XF
Type: UNKNOWN
libvorbis-ogg-bo(42397)

Source: XF
Type: UNKNOWN
libvorbis-ogg-dos(42400)

Source: XF
Type: UNKNOWN
libvorbis-ogg-dos(42400)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10104

Source: FEDORA
Type: Vendor Advisory
FEDORA-2008-3934

Source: FEDORA
Type: Vendor Advisory
FEDORA-2008-3898

Source: FEDORA
Type: Vendor Advisory
FEDORA-2008-3910

Source: SUSE
Type: SUSE-SR:2008:012
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*

AND

cpe:/a:xiph.org:libvorbis:1.0.0:*:*:*:*:*:*:*

OR cpe:/a:xiph.org:libvorbis:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:xiph.org:libvorbis:1.1.0:*:*:*:*:*:*:*

OR cpe:/a:xiph.org:libvorbis:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:xiph.org:libvorbis:1.2.0:*:*:*:*:*:*:*

OR cpe:/a:xiph.org:libvorbis:1.12:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:xiph.org:libvorbis:1.0.0:*:*:*:*:*:*:*

OR cpe:/a:xiph.org:libvorbis:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:xiph.org:libvorbis:1.1.0:*:*:*:*:*:*:*

OR cpe:/a:xiph.org:libvorbis:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:xiph.org:libvorbis:1.1.2:*:*:*:*:*:*:*

OR cpe:/a:xiph.org:libvorbis:1.2.0:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:es:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20081419	V	CVE-2008-1419	2022-06-30
oval:org.opensuse.security:def:42387	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:42180	P	Security update for ruby2.5 (Important)	2022-05-03
oval:org.opensuse.security:def:112908	P	libvorbis-devel-1.3.7-1.6 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31326	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:31706	P	Security update for postgresql96 (Important)	2021-11-22
oval:org.opensuse.security:def:32223	P	Security update for postgresql, postgresql13, postgresql14 (Important)	2021-11-20
oval:org.opensuse.security:def:26160	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:31293	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:31695	P	Security update for strongswan (Important)	2021-10-19
oval:org.opensuse.security:def:31694	P	Security update for util-linux (Moderate)	2021-10-19
oval:org.opensuse.security:def:32201	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:106367	P	libvorbis-devel-1.3.7-1.6 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:26125	P	Security update for grilo (Important)	2021-09-09
oval:org.opensuse.security:def:26119	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:26107	P	Security update for openssl-1_0_0 (Important)	2021-08-24
oval:org.opensuse.security:def:32162	P	Security update for libcares2 (Important)	2021-08-16
oval:org.opensuse.security:def:31665	P	Security update for libcares2 (Important)	2021-08-16
oval:org.opensuse.security:def:26099	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:31241	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:31240	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:32148	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:32944	P	Security update for libjpeg-turbo (Moderate)	2021-06-11
oval:org.opensuse.security:def:36500	P	libvorbis-devel-1.2.0-79.20.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42635	P	libvorbis-1.2.0-79.20.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32113	P	Security update for qemu (Important)	2021-06-08
oval:org.opensuse.security:def:36228	P	libvorbis-1.2.0-79.20.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26062	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:26055	P	Security update for hivex (Moderate)	2021-05-26
oval:org.opensuse.security:def:26050	P	Security update for python3 (Important)	2021-05-17
oval:org.opensuse.security:def:26049	P	Security update for lz4 (Important)	2021-05-14
oval:org.opensuse.security:def:26041	P	Security update for samba (Important)	2021-04-29
oval:org.opensuse.security:def:31161	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:32905	P	Security update for curl (Moderate)	2021-04-28
oval:org.opensuse.security:def:31607	P	Security update for qemu (Important)	2021-04-16
oval:org.opensuse.security:def:32060	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32061	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:26209	P	Security update for apache2 (Moderate)	2021-03-12
oval:org.opensuse.security:def:31741	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:26203	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:32267	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:31252	P	Security update for openvswitch (Important)	2021-02-02
oval:org.opensuse.security:def:31685	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:26061	P	Security update for dovecot22 (Important)	2021-01-04
oval:org.opensuse.security:def:25981	P	Security update for PackageKit (Low)	2020-12-22
oval:org.opensuse.security:def:32016	P	Security update for python (Important)	2020-12-11
oval:org.opensuse.security:def:31087	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:32004	P	Security update for postgresql12 (Important)	2020-12-04
oval:org.opensuse.security:def:35607	P	libvorbis-1.2.0-79.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35773	P	libvorbis-1.2.0-79.13.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42014	P	libvorbis-1.2.0-79.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35980	P	libvorbis-1.2.0-79.20.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25443	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:31850	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:26262	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25734	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26767	P	libsndfile on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26607	P	libvorbis on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25584	P	Security update for xerces-c (Moderate)	2020-12-01
oval:org.opensuse.security:def:31955	P	Security update for gstreamer-0_10-plugins-good (Important)	2020-12-01
oval:org.opensuse.security:def:26944	P	libcgroup1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25872	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:32360	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:26825	P	sysconfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26334	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25953	P	Security update for gcc48 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25324	P	Security update for bcm43xx-firmware (Moderate)	2020-12-01
oval:org.opensuse.security:def:31458	P	Security update for postgresql91 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26354	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:32448	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:27498	P	libvorbis-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25777	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:31780	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:26475	P	Recommended update for enigmail (Moderate)	2020-12-01
oval:org.opensuse.security:def:32698	P	lcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25399	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:26456	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:32514	P	ft2demos on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25789	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:31076	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25608	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32057	P	Security update for kvm (Moderate)	2020-12-01
oval:org.opensuse.security:def:26509	P	Security update for cacti, cacti-spine (Moderate)	2020-12-01
oval:org.opensuse.security:def:33191	P	libvorbis on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31447	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25735	P	Security update for exiv2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31829	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26772	P	libvorbis on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25158	P	Security update for ceph (Important)	2020-12-01
oval:org.opensuse.security:def:25749	P	Security update for pidgin (Moderate)	2020-12-01
oval:org.opensuse.security:def:27191	P	libjasper on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31459	P	Security update for postgresql94 (Important)	2020-12-01
oval:org.opensuse.security:def:25837	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:31895	P	Security update for MozillaFirefox, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:25170	P	Security update for git (Moderate)	2020-12-01
oval:org.opensuse.security:def:31385	P	Security update for openvpn-openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:25531	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:26626	P	pam_mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25890	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32572	P	libvorbis on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25362	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:31529	P	Security update for rzsz (Moderate)	2020-12-01
oval:org.opensuse.security:def:26248	P	Security update for freerdp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25606	P	Security update for libjpeg-turbo (Moderate)	2020-12-01
oval:org.opensuse.security:def:31814	P	Security update for apache2-mod_nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:26728	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26572	P	kdelibs4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25500	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:31906	P	Security update for freeradius-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:26306	P	Security update for python-Jinja2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25815	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32304	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:26781	P	mailman on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26253	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25900	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31994	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26979	P	libvorbis on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25323	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:25956	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32409	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:27463	P	libmysql55client_r18-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26391	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:26002	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25335	P	Security update for u-boot (Important)	2020-12-01
oval:org.opensuse.security:def:31550	P	Security update for shim (Moderate)	2020-12-01
oval:org.opensuse.security:def:26407	P	Security update for libmad (Moderate)	2020-12-01
oval:org.opensuse.security:def:32470	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25778	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:31912	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32737	P	libvorbis on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31075	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25527	P	Security update for java-11-openjdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:31901	P	Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Moderate)	2020-12-01
oval:org.opensuse.security:def:26495	P	Security update for phpMyAdmin (Important)	2020-12-01
oval:org.opensuse.security:def:33152	P	libgdiplus0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25853	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31790	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:26737	P	libadns1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25665	P	Security update for libqt5-qtbase (Important)	2020-12-01
oval:org.opensuse.security:def:26553	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31448	P	Security update for postgresql-init (Moderate)	2020-12-01
oval:org.opensuse.security:def:25788	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:31851	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:25159	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:27226	P	libvorbis on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25530	P	Security update for virglrenderer (Important)	2020-12-01
oval:org.opensuse.security:def:31533	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:25876	P	Security update for libssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:32533	P	java-1_6_0-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25234	P	Security update for dnsmasq (Moderate)	2020-12-01
oval:org.opensuse.security:def:31442	P	Security update for policycoreutils (Low)	2020-12-01
oval:org.opensuse.security:def:25542	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:31757	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:26679	P	cron on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25934	P	Security update for the Linux kernel (Important)	2020-12-01
oval:org.mitre.oval:def:17233	P	USN-682-1 -- libvorbis vulnerabilities	2014-07-21
oval:org.mitre.oval:def:20255	P	DSA-1591-1 libvorbis - several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:8013	P	DSA-1591 libvorbis -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:22554	P	ELSA-2008:0270: libvorbis security update (Important)	2014-05-26
oval:org.mitre.oval:def:10104	V	Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.	2013-04-29
oval:org.debian:def:1591	V	several vulnerabilities	2008-06-03
oval:com.redhat.rhsa:def:20080270	P	RHSA-2008:0270: libvorbis security update (Important)	2008-05-14