[FREEBSD:40497E81-FEE3-4E54-9D5F-175A5C633B73] libtremor -- memory corruption

Severity High

Affected Packages 1

CVEs 1

The Mozilla Project reports:

  Security researcher regenrecht reported via
    TippingPoint's Zero Day Initiative the possibility of memory
    corruption during the decoding of Ogg Vorbis files. This can
    cause a crash during decoding and has the potential for
    remote code execution.

Package	Affected Version
pkg:freebsd/libtremor	< 1.2.0.s20120120

ID

FREEBSD:40497E81-FEE3-4E54-9D5F-175A5C633B73

Severity

high

Severity from

CVE-2012-0444

URL

http://vuxml.freebsd.org/freebsd/40497e81-fee3-4e54-9d5f-175a5c633b73.html

Published

2012-01-31T00:00:00
(12 years ago)

Modified

2015-08-25T00:00:00
(9 years ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			https://bugzilla.mozilla.org/show_bug.cgi?id=719612
FreeBSD VuXML			https://git.xiph.org/?p=tremor.git;a=commitdiff;h=3daa274

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:freebsd/libtremor		libtremor	< 1.2.0.s20120120

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date