Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Mandriva Update for vorbis-tools MDVSA-2008:093 (vorbis-tools)

Information

Severity

Severity

Critical

Family

Family

Mandrake Local Security Checks

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

14 years ago

Modified

Modified

6 years ago

Summary

Check for the Version of vorbis-tools

Insight

Insight

A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library (CVE-2008-1686). The ogg123 application in vorbis-tools is similarly affected by this issue. The updated packages have been patched to correct this issue.

Affected Software

Affected Software

vorbis-tools on Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Solution

Solution

Please Install the Updated Packages.

Common Vulnerabilities and Exposures (CVE)