SuSE Update For Libvorbis OpenSUSE-SU-2012:0319-1 (libvorbis) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Specially crafted ogg files could cause a heap-based buffer overflow in the vorbis audio compression library that could potentially be exploited by attackers to cause a crash or execute arbitrary code (CVE-2012-0444).

Affected

libvorbis on openSUSE 11.4

Severity

Classification

CVE CVE-2012-0444
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SLES10: Security update for libxml2
SLES10: Security update for icu
SLES10: Security update for kdelibs3
SLES10: Security update for libapr
SLES10: Security update for MozillaFirefox

SuSE Update for libvorbis openSUSE-SU-2012:0319-1 (libvorbis)

Take action and discover your vulnerabilities