FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libvorbis -- Multiple memory corruption flaws

Affected packages
libvorbis < 1.2.0,3

Details

VuXML ID b73335a5-3bbe-11dc-8e83-0016179b2dd5
Discovery 2007-06-05
Entry 2007-07-26

isecpartners reports:

libvorbis contains several vulnerabilities allowing heap overwrite, read violations and a function pointer overwrite. These bugs cause a at least a denial of service, and potentially code execution.

References

CVE Name CVE-2007-3106
URL http://www.isecpartners.com/advisories/2007-003-libvorbis.txt