Date: Sat, 29 Aug 2015 05:44:07 +0200
From: "pcheng pcheng" <pcheng@....com>
To: oss-security@...ts.openwall.com
Subject: CVE request: vorbis-tools: buffer overflow in aiff_open()

Name : vorbis-tool
Affected Version: <= Revision 19495
URL : https://wiki.xiph.org/Vorbis-tools
Description :

An issue was found in oggenc/audio.c when it tries to open an invalid AIFF file.

274    if(fread(buffer,1,len,in) < len)

The input buffer and length can be controlled by the user indirectly via:

260    if(!find_aiff_chunk(in, "COMM", &len))

More info can be found at : https://trac.xiph.org/ticket/2212
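
Added example, not part of the original post and not vorbis-tools code: one way to bound a COMM chunk length taken from an AIFF file before it sizes a read. The names read_comm and try_comm and the 64-byte cap COMM_MAX are assumptions for illustration, and the sample input is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define COMM_MIN 18u /* body size of a plain AIFF COMM chunk */
#define COMM_MAX 64u /* assumed upper bound for this example */

/* Read the first COMM chunk body into out; -1 if missing, truncated or out of range. */
long read_comm(FILE *in, unsigned char *out, size_t outcap)
{
    unsigned char hdr[8];
    while (fread(hdr, 1, 8, in) == 8) {
        /* the length is a big-endian 32-bit field taken from the file */
        uint32_t len = ((uint32_t)hdr[4] << 24) | ((uint32_t)hdr[5] << 16) |
                       ((uint32_t)hdr[6] << 8) | hdr[7];
        if (memcmp(hdr, "COMM", 4) != 0) {
            /* skip other chunks; bodies are padded to an even size */
            if (len > 0x7ffffffeu || fseek(in, (long)(len + (len & 1u)), SEEK_CUR))
                return -1;
            continue;
        }
        /* validate the untrusted length before it sizes any read */
        if (len < COMM_MIN || len > COMM_MAX || len > outcap)
            return -1;
        if (fread(out, 1, len, in) != len)
            return -1; /* file ended inside the chunk */
        return (long)len;
    }
    return -1; /* no COMM chunk found */
}

/* Constructed input: a COMM header claiming len bytes, then nbody zero bytes. */
long try_comm(uint32_t len, size_t nbody)
{
    unsigned char out[COMM_MAX], img[8 + COMM_MAX] = { 'C', 'O', 'M', 'M',
        (unsigned char)(len >> 24), (unsigned char)(len >> 16),
        (unsigned char)(len >> 8), (unsigned char)len };
    FILE *f = (nbody <= COMM_MAX) ? tmpfile() : NULL;
    if (!f) return -2;
    fwrite(img, 1, 8 + nbody, f);
    rewind(f);
    long r = read_comm(f, out, sizeof out);
    fclose(f);
    return r;
}

int main(void)
{
    printf("%ld %ld\n", try_comm(18, 18), try_comm(0xffffffffu, 18));
    return 0;
}
```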