CVE-2014-9639

Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
Configurations

Configuration 1 (hide)

cpe:2.3:a:xiph:vorbis-tools:1.4.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-01-23 15:59

Updated : 2024-02-28 12:20


NVD link : CVE-2014-9639

Mitre link : CVE-2014-9639

CVE.ORG link : CVE-2014-9639


JSON object : View

Products Affected

xiph

  • vorbis-tools

opensuse

  • opensuse

fedoraproject

  • fedora