CVE-2009-2663

Name of the Vulnerable Software and Affected Versions libvorbis before r16182 libvorbis0a (affected versions not specified) libvorbisfile3 (affected versions not specified) libvorbis-dev (affected versions not specified) libvorbisenc2 (affected versions not specified)

Description The issue concerns multiple vulnerabilities in the libvorbis package, which can lead to a disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely, potentially causing a denial of service or allowing the execution of arbitrary code via a crafted .ogg file.

Recommendations For libvorbis before r16182, update to a version after r16182 to resolve the issue. For libvorbis0a, libvorbisfile3, libvorbis-dev, and libvorbisenc2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.