Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2020-20412
Disclosure Date: December 26, 2020 (last updated October 07, 2023)
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146.
0
Attacker Value
Unknown
CVE-2018-5146
Disclosure Date: June 11, 2018 (last updated October 06, 2023)
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
0
Attacker Value
Unknown
CVE-2018-5147
Disclosure Date: June 11, 2018 (last updated October 06, 2023)
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.
0