CVE-2007-3106 — Libvorbis vulnerability

CWE-39910 documents8 sources

Severity

6.8MEDIUMNVD

EPSS

3.0%

top 13.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Xiph.org Libvorbis Libvorbis

Timeline

PublishedJul 26

Latest updateMay 1

Description

lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_0 and (2) blocksize_1 values, which trigger a "heap overwrite" in the _01inverse function in res0.c. NOTE: this issue has been RECAST so that CVE-2007-4029 handles additional vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

▶Debianxiph.org/libvorbis< 1.2.0.dfsg-1+3

▶NVDlibvorbis/libvorbis1.2.0+1

Patches

Patch: issues.rpath.com ↗Patch: issues.rpath.com ↗

🔴Vulnerability Details

GHSA

GHSA-g2r6-v9mj-qx9w: lib/info↗2022-05-01

▶

OSV

CVE-2007-3106: lib/info↗2007-07-26

▶

CVEList

CVE-2007-3106: lib/info↗2007-07-26

▶

📋Vendor Advisories

Ubuntu

libvorbis vulnerabilities↗2007-08-16

▶

Red Hat

libvorbis array boundary condition↗2007-07-26

▶

Debian

CVE-2007-3106: libvorbis - lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows ...↗2007

▶

💬Community

Bugzilla

CVE-2007-3106 libvorbis array boundary condition [F7]↗2007-08-02

▶

Bugzilla

CVE-2007-3106 libvorbis array boundary condition [FC6]↗2007-08-02

▶

Bugzilla

CVE-2007-3106 libvorbis array boundary condition↗2007-06-27

▶