[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-1686

Date: (C)2008-04-08   (M)2017-10-04
 
CVSS Score: 9.3Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.

Reference:
SECTRACK-1019875
http://www.securityfocus.com/archive/1/archive/1/491009/100/0/threaded
BID-28665
SECUNIA-29672
SECUNIA-29727
SECUNIA-29835
SECUNIA-29845
SECUNIA-29854
SECUNIA-29866
SECUNIA-29878
SECUNIA-29880
SECUNIA-29881
SECUNIA-29882
SECUNIA-29898
SECUNIA-30104
SECUNIA-30117
SECUNIA-30119
SECUNIA-30337
SECUNIA-30353
SECUNIA-30358
SECUNIA-30581
SECUNIA-30717
SECUNIA-31393
ADV-2008-1187
ADV-2008-1228
ADV-2008-1268
ADV-2008-1269
ADV-2008-1300
ADV-2008-1301
ADV-2008-1302
DSA-1584
DSA-1585
DSA-1586
FEDORA-2008-3059
FEDORA-2008-3103
FEDORA-2008-3191
GLSA-200804-17
MDVSA-2008:092
MDVSA-2008:093
MDVSA-2008:094
MDVSA-2008:124
RHSA-2008:0235
SSA:2008-111-01
SUSE-SR:2008:012
SUSE-SR:2008:013
USN-611-1
USN-611-2
USN-611-3
USN-635-1
http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html
fishsound-libfishsound-speex-bo(41684)
http://blog.kfish.org/2008/04/release-libfishsound-091.html
http://sourceforge.net/project/shownotes.php?release_id=592185
http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
http://www.metadecks.org/software/sweep/news.html
http://www.ocert.org/advisories/ocert-2008-004.html
http://www.ocert.org/advisories/ocert-2008-2.html

CWE    1
CWE-189
OVAL    7
oval:org.secpod.oval:def:301346
oval:org.mitre.oval:def:8197
oval:org.secpod.oval:def:301528
oval:org.mitre.oval:def:7912
...

© 2013 SecPod Technologies