CVE-2008-1686 - CVE Reference - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

CVE Reference: CVE-2008-1686

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-1686

Description: Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/41684 UBUNTU http://www.ubuntu.com/usn/usn-611-1 http://www.ubuntu.com/usn/usn-611-2 http://www.ubuntu.com/usn/usn-611-3 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html ST 1019875 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.460836 SAID Secunia Advisory: SA30581 Secunia Advisory: SA29880 Secunia Advisory: SA29881 Secunia Advisory: SA29882 Secunia Advisory: SA29898 Secunia Advisory: SA30104 Secunia Advisory: SA30117 Secunia Advisory: SA30358 Secunia Advisory: SA30353 Secunia Advisory: SA30119 Secunia Advisory: SA29835 Secunia Advisory: SA29845 Secunia Advisory: SA29854 Secunia Advisory: SA29866 Secunia Advisory: SA29727 Secunia Advisory: SA29672 Secunia Advisory: SA29878 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0235.html MLIST http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html MISC http://www.ocert.org/advisories/ocert-2008-004.html http://www.ocert.org/advisories/ocert-2008-2.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:093 http://www.mandriva.com/security/advisories?name=MDVSA-2008:094 http://www.mandriva.com/security/advisories?name=MDVSA-2008:092 GENTOO http://security.gentoo.org/glsa/glsa-200804-17.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1585 http://www.debian.org/security/2008/dsa-1584 CONFIRM http://www.metadecks.org/software/sweep/news.html http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655 http://sourceforge.net/project/shownotes.php?release_id=592185 http://blog.kfish.org/2008/04/release-libfishsound-091.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/491009/100/0/threaded BID 28665

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Mozilla Firefox Multiple Vulnerabilities

2.	PCRE pcre_compile.c Buffer Overflow Vulnerability

3.	VLC Media Player WAV Processing Integer Overflow

4.	Opera for Windows Unspecified Code Execution

5.	GNOME Glib PCRE pcre_compile.c Buffer Overflow Vulnerability

6.	Novell eDirectory ds.dlm Module Buffer Overflow

7.	Mozilla Thunderbird Multiple Vulnerabilities

8.	UnixWare ReliantHA Privilege Escalation Vulnerabilities

9.	Internet Explorer 7 Frame Location Handling Vulnerability

10.	Fedora update for glib2