PT-2015-4316 · Xiph.Org+2 · Vorbis-Tools+2

Published

2015-01-23

Updated

2024-06-15

CVE-2014-9638

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions vorbis-tools version 1.4.0

Description The issue allows remote attackers to cause a denial of service, resulting in a divide-by-zero error and crash, via a WAV file with the number of channels set to zero.

Recommendations For vorbis-tools version 1.4.0, update to a version that fixes the divide-by-zero error issue to prevent potential denial of service attacks.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2021-2124

ALT-PU-2023-1433

AZL-6952

AZL-7400

CVE-2014-9638

DLA-1010-1

DLA-317-1

MGASA-2015-0094

OPENSUSE-SU-2024:10259-1

SUSE-SU-2015:1014-1

SUSE-SU-2015:1775-1

SUSE-SU-2015_1014-1

SUSE-SU-2015_1775-1

Affected Products

Alt Linux

Suse

Vorbis-Tools

PT-2015-4316 · Xiph.Org+2 · Vorbis-Tools+2

CVE-2014-9638

Related Identifiers

Affected Products

References · 33