CVE-2009-3389

EPSS 5.5%

libtheora - arbitrary code execution

發布日:2009/12/17修改日:2026/4/28

描述

Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.

受影響套件(2)

Debian/libtheorafrom 0, < 1.1
Debian/libtheorafrom 0, < 1.0~beta3-1+lenny1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-3389