---

CVE-2017-14632 - log back

CVE-2017-14632 created at 25 Sep 2019 19:31:40
Severity	+ Critical
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ fXiph.Org libvorbis before 1.3.6 allows remote code execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
References	+ https://github.com/xiph/vorbis/commit/c1c2831fc7306d5fbd7bc800324efd12b28d327f
Notes