CVE-2019-13221

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions stb vorbis versions through 2019-03-04

Description A stack buffer overflow in the compute codewords function allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.

Recommendations For versions through 2019-03-04, consider avoiding the use of the compute codewords function until a patch is available. As a temporary workaround, restrict the opening of Ogg Vorbis files from untrusted sources to minimize the risk of exploitation.

Fix

DoS

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2019-13221

DLA-3305-1

OPENSUSE-SU-2024:11409-1

OPENSUSE-SU-2025:0039-1

Affected Products

Stb Vorbis

CVE-2019-13221

Weakness Enumeration

Related Identifiers

Affected Products

References · 24