FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libtremor -- memory corruption

Affected packages
libtremor < 1.2.0.s20120120

Details

VuXML ID 40497e81-fee3-4e54-9d5f-175a5c633b73
Discovery 2012-01-31
Entry 2015-08-25
Modified 2015-08-25

The Mozilla Project reports:

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution.

References

CVE Name CVE-2012-0444
URL https://bugzilla.mozilla.org/show_bug.cgi?id=719612
URL https://git.xiph.org/?p=tremor.git;a=commitdiff;h=3daa274