FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a35f415d-572a-11e5-b0a4-f8b156b6dcc8vorbis-tools, opus-tools -- multiple vulnerabilities

Paris Zoumpouloglou reports:

I discovered an integer overflow issue in oggenc, related to the number of channels in the input WAV file. The issue triggers an out-of-bounds memory access which causes oggenc to crash.

Paris Zoumpouloglou reports:

A crafted WAV file with number of channels set to 0 will cause oggenc to crash due to a division by zero issue.

pengsu reports:

I discovered an buffer overflow issue in oggenc/audio.c when it tries to open invalid aiff file.


Discovery 2015-08-08
Entry 2015-09-09
Modified 2015-09-09
vorbis-tools
< 1.4.0_10,3

opus-tools
< 0.1.9_2

ports/202941
https://trac.xiph.org/ticket/2136
CVE-2014-9639
https://trac.xiph.org/ticket/2137
CVE-2014-9638
https://trac.xiph.org/ticket/2212
CVE-2015-6749
a1a1f81c-7c13-11ee-bcf1-f8b156b6dcc8vorbistools -- heap buffer overflow in oggenc

Frank-Z7 reports:

Heap buffer overflow when vorbis-tools/oggenc converts WAV files to Ogg files.


Discovery 2023-09-16
Entry 2023-11-05
vorbis-tools
< 1.4.2_4,3

CVE-2023-43361
https://nvd.nist.gov/vuln/detail/CVE-2023-43361