PT-2018-9237 · No Company · Stb Vorbis
Published
2018-02-09
·
Updated
2018-03-08
·
CVE-2018-1000050
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
stb vorbis versions 1.12 and earlier
Description:
The issue is related to a Buffer Overflow in all Vorbis decoding paths, which can lead to memory corruption, denial of service, or compromised execution of the host program. This can be exploited by opening a specially crafted Ogg Vorbis file.
Recommendations:
For stb vorbis versions 1.12 and earlier, update to version 1.13 to resolve the issue.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Stb Vorbis