Buffer Overflow Vulnerability in stb_vorbis 1.12 and Earlier: Exploitable via Specially Crafted Ogg Vorbis File

Buffer Overflow Vulnerability in stb_vorbis 1.12 and Earlier: Exploitable via Specially Crafted Ogg Vorbis File

CVE-2018-1000050 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg Vorbis file. This vulnerability appears to have been fixed in 1.13.

Learn more about our Web Application Penetration Testing UK.