CVE-2014-9640
EPSS 1.1%
Description
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
How to fix CVE-2014-9640
To remediate CVE-2014-9640, upgrade the affected package to the fixed version listed below.
- Debian/vorbis-tools: upgrade to 1.4.0-6 or later
Is CVE-2014-9640 being exploited?
Low — EPSS is 1.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- Debian/vorbis-tools: from 0, < 1.4.0-6