CVE - CVE-2007-4066

CVE-ID
CVE-2007-4066	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1018712 URL:http://securitytracker.com/id?1018712 MISC:24923 URL:http://secunia.com/advisories/24923 MISC:26865 URL:http://secunia.com/advisories/26865 MISC:27099 URL:http://secunia.com/advisories/27099 MISC:27170 URL:http://secunia.com/advisories/27170 MISC:27439 URL:http://secunia.com/advisories/27439 MISC:28614 URL:http://secunia.com/advisories/28614 MISC:DSA-1471 URL:http://www.debian.org/security/2008/dsa-1471 MISC:GLSA-200710-03 URL:http://security.gentoo.org/glsa/glsa-200710-03.xml MISC:MDKSA-2007:194 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:194~~ (Obsolete source) MISC:RHSA-2007:0845 URL:http://www.redhat.com/support/errata/RHSA-2007-0845.html MISC:RHSA-2007:0912 URL:http://www.redhat.com/support/errata/RHSA-2007-0912.html MISC:SUSE-SR:2007:023 URL:http://www.novell.com/linux/security/advisories/2007_23_sr.html MISC:http://svn.xiph.org/trunk/vorbis/CHANGES URL:http://svn.xiph.org/trunk/vorbis/CHANGES MISC:https://bugzilla.redhat.com/show_bug.cgi?id=249780 URL:https://bugzilla.redhat.com/show_bug.cgi?id=249780 MISC:https://trac.xiph.org/changeset/13162 URL:https://trac.xiph.org/changeset/13162 MISC:https://trac.xiph.org/changeset/13168 URL:https://trac.xiph.org/changeset/13168 MISC:https://trac.xiph.org/changeset/13169 URL:https://trac.xiph.org/changeset/13169 MISC:https://trac.xiph.org/changeset/13170 URL:https://trac.xiph.org/changeset/13170 MISC:https://trac.xiph.org/changeset/13172 URL:https://trac.xiph.org/changeset/13172 MISC:https://trac.xiph.org/changeset/13211 URL:https://trac.xiph.org/changeset/13211 MISC:https://trac.xiph.org/changeset/13215 URL:https://trac.xiph.org/changeset/13215 MISC:https://trac.xiph.org/ticket/300 URL:https://trac.xiph.org/ticket/300 MISC:https://trac.xiph.org/ticket/853 URL:https://trac.xiph.org/ticket/853 MISC:oval:org.mitre.oval:def:11453 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11453
Assigning CNA
Red Hat, Inc.
Date Record Created
20070730	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070730)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE™ List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2025, The MITRE Corporation. CVE is a trademark and the CVE logo is a registered trademark of The MITRE Corporation.