Back to search
CVE-2008-1686
Published: Apr 8, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-611-1
vendor-advisory
x_refsource_UBUNTU
http://sourceforge.net/project/shownotes.php?release_id=592185
x_refsource_CONFIRM
20080417 [oCERT-2008-004] multiple speex implementations insufficientboundary checks
mailing-list
x_refsource_BUGTRAQ
ADV-2008-1302
vdb-entry
x_refsource_VUPEN
MDVSA-2008:124
vendor-advisory
x_refsource_MANDRIVA
1019875
vdb-entry
x_refsource_SECTRACK
29878
third-party-advisory
x_refsource_SECUNIA
29898
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-3103
vendor-advisory
x_refsource_FEDORA
ADV-2008-1269
vdb-entry
x_refsource_VUPEN
29866
third-party-advisory
x_refsource_SECUNIA
DSA-1586
vendor-advisory
x_refsource_DEBIAN
30117
third-party-advisory
x_refsource_SECUNIA
[Speex-dev] 20080406 libfishsound 0.9.1 Release
mailing-list
x_refsource_MLIST
30104
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1300
vdb-entry
x_refsource_VUPEN
29727
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1301
vdb-entry
x_refsource_VUPEN
USN-611-3
vendor-advisory
x_refsource_UBUNTU
29672
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2008:012
vendor-advisory
x_refsource_SUSE
DSA-1585
vendor-advisory
x_refsource_DEBIAN
MDVSA-2008:092
vendor-advisory
x_refsource_MANDRIVA
30353
third-party-advisory
x_refsource_SECUNIA
fishsound-libfishsound-speex-bo(41684)
vdb-entry
x_refsource_XF
29835
third-party-advisory
x_refsource_SECUNIA
http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
x_refsource_CONFIRM
29880
third-party-advisory
x_refsource_SECUNIA
http://blog.kfish.org/2008/04/release-libfishsound-091.html
x_refsource_CONFIRM
31393
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10026
vdb-entry
signature
x_refsource_OVAL
http://www.ocert.org/advisories/ocert-2008-2.html
x_refsource_MISC
ADV-2008-1228
vdb-entry
x_refsource_VUPEN
DSA-1584
vendor-advisory
x_refsource_DEBIAN
http://www.ocert.org/advisories/ocert-2008-004.html
x_refsource_MISC
ADV-2008-1268
vdb-entry
x_refsource_VUPEN
29845
third-party-advisory
x_refsource_SECUNIA
USN-611-2
vendor-advisory
x_refsource_UBUNTU
RHSA-2008:0235
vendor-advisory
x_refsource_REDHAT
30358
third-party-advisory
x_refsource_SECUNIA
29854
third-party-advisory
x_refsource_SECUNIA
SSA:2008-111-01
vendor-advisory
x_refsource_SLACKWARE
ADV-2008-1187
vdb-entry
x_refsource_VUPEN
MDVSA-2008:094
vendor-advisory
x_refsource_MANDRIVA
29881
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:093
vendor-advisory
x_refsource_MANDRIVA
GLSA-200804-17
vendor-advisory
x_refsource_GENTOO
30119
third-party-advisory
x_refsource_SECUNIA
28665
vdb-entry
x_refsource_BID
http://www.metadecks.org/software/sweep/news.html
x_refsource_CONFIRM
FEDORA-2008-3191
vendor-advisory
x_refsource_FEDORA
FEDORA-2008-3059
vendor-advisory
x_refsource_FEDORA
29882
third-party-advisory
x_refsource_SECUNIA
USN-635-1
vendor-advisory
x_refsource_UBUNTU
30337
third-party-advisory
x_refsource_SECUNIA
30581
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2008:013
vendor-advisory
x_refsource_SUSE
30717
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now