Stack Buffer Overflow Vulnerability in STB Vorbis Audio Library
CVE-2019-13221

7.8HIGH

Key Information:

Vendor: Stb Vorbis Project
Status: Stb Vorbis
Vendor: CVE Published:; 15 August 2019

🔔 Create Stb Vorbis Project Vulnerability Alert

What is CVE-2019-13221?

The STB Vorbis audio library is vulnerable to a stack buffer overflow due to improper handling of specially crafted Ogg Vorbis files. This flaw can be exploited by attackers to cause a denial of service or potentially execute arbitrary code on systems utilizing the affected library, leading to significant security risks for applications that rely on STB Vorbis for audio playback.

References

http://nothings.org/stb_vorbis/

https://github.com/nothings/stb/commits/master/stb_vorbis.c

https://github.com/nothings/stb/commit/98fdfc6df88b1e34a7...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 15, 2019
Vulnerability Reserved
Jul 3, 2019