Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE request: opus codec before 1.0.2
From: Hanno Böck <hanno () hboeck de>
Date: Tue, 11 Dec 2012 13:32:25 +0100

http://lists.xiph.org/pipermail/opus/2012-December/001846.html

sounds like a low-severity security issue:

"Opus 1.0.2 fixes an out-of-bounds read that could be triggered by a
malicious Opus packet by causing an integer wrap-around in the padding
code. Considering that the packet would have to be at least 16 MB in
size and that no out-of-bounds write is possible, the severity is very
low."

Fixed in opus 1.0.2.

-- 
Hanno Böck              mail/jabber: hanno () hboeck de
GPG: BBB51E42           http://www.hboeck.de/

Attachment: signature.asc
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]