CVE-2007-3106

Summary

CVE	CVE-2007-3106
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2007-07-26 21:30:00 UTC
Updated	2023-11-07 02:00:00 UTC
Description	lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_0 and (2) blocksize_1 values, which trigger a "heap overwrite" in the _01inverse function in res0.c. NOTE: this issue has been RECAST so that CVE-2007-4029 handles additional vectors.

Risk And Classification

Problem Types: CWE-399

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Libvorbis	Libvorbis	1.1.2	All	All	All
Application	Libvorbis	Libvorbis	1.1.2	All	All	All
Application	Libvorbis	Libvorbis	All	All	All	All
Operating System	Rpath	Rpath Linux	1	All	All	All
Operating System	Rpath	Rpath Linux	1.0.1	All	All	All
Operating System	Rpath	Rpath Linux	1.0.2	All	All	All
Operating System	Rpath	Rpath Linux	1.0.3	All	All	All
Operating System	Rpath	Rpath Linux	1.0.4	All	All	All
Operating System	Rpath	Rpath Linux	1.0.5	All	All	All
Operating System	Rpath	Rpath Linux	1.0.6	All	All	All
Operating System	Rpath	Rpath Linux	1	All	All	All
Operating System	Rpath	Rpath Linux	1.0.1	All	All	All
Operating System	Rpath	Rpath Linux	1.0.2	All	All	All
Operating System	Rpath	Rpath Linux	1.0.3	All	All	All
Operating System	Rpath	Rpath Linux	1.0.4	All	All	All
Operating System	Rpath	Rpath Linux	1.0.5	All	All	All
Operating System	Rpath	Rpath Linux	1.0.6	All	All	All

References

Reference	Source	Link	Tags
Webmail \| OVH- OVH	VUPEN	www.vupen.com	Vendor Advisory
SecurityFocus	BUGTRAQ	www.securityfocus.com
www.isecpartners.com/advisories/2007-003-libvorbis.txt	MISC	www.isecpartners.com
USN-498-1: libvorbis vulnerabilities \| Ubuntu	UBUNTU	www.ubuntu.com
Advisories \| Mandriva	MANDRIVA	www.mandriva.com
Ubuntu update for libvorbis - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
Libvorbis Denial Of Service And Memory Corruption Vulnerabilities	BID	www.securityfocus.com
Music Box libvorbis Multiple Vulnerabilities - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
Gentoo Linux Documentation -- libvorbis: Multiple vulnerabilities	GENTOO	security.gentoo.org
libvorbis Multiple Vulnerabilities - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
Repository / Oval Repository	OVAL	oval.cisecurity.org
Red Hat update for libvorbis - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
Bug 249780 – CVE-2007-4065 Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)	CONFIRM	bugzilla.redhat.com
About Secunia Research \| Flexera	SECUNIA	secunia.com	Vendor Advisory
Red Hat update for libvorbis - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
Bug 245991 – CVE-2007-3106 libvorbis array boundary condition	CONFIRM	bugzilla.redhat.com
rhn.redhat.com \| Red Hat Support	REDHAT	www.redhat.com
Debian update for libvorbis - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
trac.xiph.org/changeset/13160	CONFIRM	trac.xiph.org
rPath update for libvorbis - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
Gentoo update for libvorbis - Secunia Advisories - Vulnerability Information - Secunia.com	SECUNIA	secunia.com	Vendor Advisory
Webmail \| OVH- OVH	VUPEN	www.vupen.com	Vendor Advisory
[#RPL-1590] libvorbis multiple vulnerabilities CVE-2007-3106 CVE-2007-4029 - rPath Issue Tracking System	CONFIRM	issues.rpath.com	Patch
Debian -- Security Information -- DSA-1471-1 libvorbis	DEBIAN	www.debian.org
Music Box 1.6 - T Software News	CONFIRM	www.tellini.org
Support	REDHAT	www.redhat.com
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.