CVE-2018-1000050

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-1000050

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1000050.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-1000050

Related

UBUNTU-CVE-2018-1000050

Published

2018-02-09T23:29:01Z

Modified

2025-01-08T06:32:21Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg Vorbis file. This vulnerability appears to have been fixed in 1.13.

References

https://github.com/nothings/stb/commit/244d83bc3d859293f55812d48b3db168e581f6ab

Affected packages

Git / github.com/nothings/stb

Affected ranges

Type: GIT
Repo: https://github.com/nothings/stb
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

244d83bc3d859293f55812d48b3db168e581f6ab

Fixed

244d83bc3d859293f55812d48b3db168e581f6ab