CVE-2013-0899

2013-02-23 22:55:02 2018-10-30 17:27:33

Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Opensuse Opensuse 12.2 (not an official CPE) Opensuse Opensuse 12.1 (not an official CPE)

opus-codec Opus 1.0.1 opus-codec Opus 1.0.0 Google Chrome 25.0.1364.98 Google Chrome 25.0.1364.95 Google Chrome 25.0.1364.93 Google Chrome 25.0.1364.92 Google Chrome 25.0.1364.91 Google Chrome 25.0.1364.90 Google Chrome 25.0.1364.89 Google Chrome 25.0.1364.88 Google Chrome 25.0.1364.87 Google Chrome 25.0.1364.86 Google Chrome 25.0.1364.85 Google Chrome 25.0.1364.84 Google Chrome 25.0.1364.82 Google Chrome 25.0.1364.81 Google Chrome 25.0.1364.80 Google Chrome 25.0.1364.79 Google Chrome 25.0.1364.78 Google Chrome 25.0.1364.77 Google Chrome 25.0.1364.76 Google Chrome 25.0.1364.75 Google Chrome 25.0.1364.74 Google Chrome 25.0.1364.73 Google Chrome 25.0.1364.72 Google Chrome 25.0.1364.70 Google Chrome 25.0.1364.68 Google Chrome 25.0.1364.67 Google Chrome 25.0.1364.66 Google Chrome 25.0.1364.65 Google Chrome 25.0.1364.63 Google Chrome 25.0.1364.62 Google Chrome 25.0.1364.61 Google Chrome 25.0.1364.58 Google Chrome 25.0.1364.57 Google Chrome 25.0.1364.56 Google Chrome 25.0.1364.55 Google Chrome 25.0.1364.54 Google Chrome 25.0.1364.53 Google Chrome 25.0.1364.52 Google Chrome 25.0.1364.51 Google Chrome 25.0.1364.50 Google Chrome 25.0.1364.49 Google Chrome 25.0.1364.48 Google Chrome 25.0.1364.47 Google Chrome 25.0.1364.46 Google Chrome 25.0.1364.45 Google Chrome 25.0.1364.44 Google Chrome 25.0.1364.43 Google Chrome 25.0.1364.42 Google Chrome 25.0.1364.41 Google Chrome 25.0.1364.40 Google Chrome 25.0.1364.39 Google Chrome 25.0.1364.38 Google Chrome 25.0.1364.37 Google Chrome 25.0.1364.36 Google Chrome 25.0.1364.35 Google Chrome 25.0.1364.34 Google Chrome 25.0.1364.33 Google Chrome 25.0.1364.32 Google Chrome 25.0.1364.31 Google Chrome 25.0.1364.30 Google Chrome 25.0.1364.29 Google Chrome 25.0.1364.28 Google Chrome 25.0.1364.27 Google Chrome 25.0.1364.26 Google Chrome 25.0.1364.25 Google Chrome 25.0.1364.24 Google Chrome 25.0.1364.23 Google Chrome 25.0.1364.22 Google Chrome 25.0.1364.21 Google Chrome 25.0.1364.20 Google Chrome 25.0.1364.19 Google Chrome 25.0.1364.18 Google Chrome 25.0.1364.17 Google Chrome 25.0.1364.16 Google Chrome 25.0.1364.15 Google Chrome 25.0.1364.14 Google Chrome 25.0.1364.13 Google Chrome 25.0.1364.12 Google Chrome 25.0.1364.11 Google Chrome 25.0.1364.10 Google Chrome 25.0.1364.9 Google Chrome 25.0.1364.8 Google Chrome 25.0.1364.7 Google Chrome 25.0.1364.5 Google Chrome 25.0.1364.3 Google Chrome 25.0.1364.2 Google Chrome 25.0.1364.1 Google Chrome 25.0.1364.0

Opensuse - Opensuse Opus-codec - Opus Google - Chrome

Advisory	Patch	Confirmed	Link
			https://src.chromium.org/viewvc/chrome?view=rev&revision...
			https://src.chromium.org/viewvc/chrome/trunk/deps/third_...
			https://code.google.com/p/chromium/issues/detail?id=1604...
			https://codereview.chromium.org/11575026
			http://opus-codec.org/downloads/
			openSUSE-SU-2013:0454
			http://googlechromereleases.blogspot.com/2013/02/stable-...

Numeric Errors (ID 189)