Mandriva Linux Security Advisory 2012-051 - A specially-crafted Ogg Vorbis media format file could cause an application using libvorbis to crash or, possibly, execute arbitrary code when opened. If a specially-crafted Ogg Vorbis media file was opened by an application using libvorbis, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issues.
9793fc28c913f8fe59854d199f4a309e80a747af5460f53d3067bda0987f33b3
Debian Linux Security Advisory 1939-1 - Lucas Adamski, Matthew Gregan, David Keeler, and Dan Kaminsky discovered that libvorbis, a library for the Vorbis general-purpose compressed audio codec, did not correctly handle certain malformed ogg files. An attacher could cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file.
b5d4f50cab06384c44a232fdafe149a8abea9e2b7b780c95182e51d6ab7b6b3f
Ubuntu Security Notice 861-1 - It was discovered that libvorbis did not correctly handle ogg files with underpopulated Huffman trees. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could cause a denial of service. It was discovered that libvorbis did not correctly handle certain malformed ogg files. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could cause a denial of service or possibly execute arbitrary code with the user's privileges.
eae0d2f3f32cf33000f3d2bc776104ba25f98a9675818118f9d38a10b34071ae
Mandriva Linux Security Advisory 2009-294 - Security issues were identified and fixed in Firefox 3.5.x.
4addcca5fafa803913097baa6c63f7a85816ac4e4393a557c0051bbed68d1b5b