oss-sec mailing list archives
CVE request: vorbis-tools: buffer overflow in aiff_open()
From: "pcheng pcheng" <pcheng () gmx com>
Date: Sat, 29 Aug 2015 05:44:07 +0200
Name : vorbis-tool Affected Version: <= Revision 19495 URL : https://wiki.xiph.org/Vorbis-tools Description : An issue was found in oggenc/audio.c when it tries to open invalid AIFF file. 274 if(fread(buffer,1,len,in) < len) The input buffer and length can be controlled by user indirectly via: 260 if(!find_aiff_chunk(in, "COMM", &len)) More info can be found at : https://trac.xiph.org/ticket/2212
Current thread:
- CVE request: vorbis-tools: buffer overflow in aiff_open() pcheng pcheng (Aug 28)
- Re: CVE request: vorbis-tools: buffer overflow in aiff_open() cve-assign (Aug 30)