Launchpad CVE tracker

CVE 2012-1108

The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted vendorLength field in an ogg file.

Related bugs and status

CVE-2012-1108 (Candidate) is related to these bugs:

Bug #945415: multiple security vulnerabilities in taglib

Summary				In	Importance	Status
	945415	multiple security vulnerabilities in taglib		taglib (Ubuntu)	Low	Fix Released
	945415	multiple security vulnerabilities in taglib		taglib (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://osvdb.org/79813
MISC: http://www.gentoo.org/...
MISC: http://www.openwall.co...
MISC: http://mail.kde.org/pi...
MISC: http://mail.kde.org/pi...
MISC: https://github.com/tag...
MISC: https://exchange.xforc...

Launchpad.net

CVE 2012-1108

Related bugs and status

Related bugs

References