Xiph Vorbis-Tools vulnerabilities

CVE-2023-43361 [HIGH] CWE-787 CVE-2023-43361: Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary c Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.

CVE-2017-11331 [MEDIUM] CWE-119 CVE-2017-11331: The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to ca The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.

CVE-2015-6749 [MEDIUM] CWE-119 CVE-2015-6749: Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.

CVE-2014-9640 [MEDIUM] CWE-119 CVE-2014-9640: oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-b oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

CVE-2014-9638 [MEDIUM] CVE-2014-9638: oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero er oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.

CVE-2014-9639 [MEDIUM] CVE-2014-9639: Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of servic Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.