← back
CVE-2017-14632

CVE-2017-14632

EPSS 5.7%
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://gitlab.xiph.org/xiph/vorbis/issues/2328https://lists.debian.org/debian-lts-announce/2018/04/msg00033.htmlhttps://usn.ubuntu.com/3569-1/https://www.debian.org/security/2018/dsa-4113