CVE-2014-9639

描述

Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.

受影響套件(2)

• Debian/opus-toolsfrom 0, < 0.1.10-1
• Debian/vorbis-toolsfrom 0, < 1.4.0-7

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-9639