← voltar
CVE-2018-10392

CVE-2018-10392

EPSS 3.3%
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://access.redhat.com/errata/RHSA-2019:3703https://gitlab.xiph.org/xiph/vorbis/issues/2335https://lists.debian.org/debian-lts-announce/2019/11/msg00031.htmlhttps://lists.debian.org/debian-lts-announce/2021/11/msg00023.htmlhttps://security.gentoo.org/glsa/202003-36