Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.
Software | From | Fixed in |
---|---|---|
xiph.org / libvorbis | 1.0.0 | 1.0.0.x |
xiph.org / libvorbis | 1.0.1 | 1.0.1.x |
xiph.org / libvorbis | 1.1.0 | 1.1.0.x |
xiph.org / libvorbis | 1.1.1 | 1.1.1.x |
xiph.org / libvorbis | 1.12 | 1.12.x |
xiph.org / libvorbis | 1.2.0 | 1.2.0.x |