CVE-2008-1686

Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
xinexine-lib
𝑥
≤ 1.1.11.1
xinexine-lib
0.9.8
xinexine-lib
0.9.13
xinexine-lib
0.99
xinexine-lib
1.0
xinexine-lib
1.0.1
xinexine-lib
1.0.2
xinexine-lib
1.0.3a:a
xinexine-lib
1.1.0
xinexine-lib
1.1.1
xinexine-lib
1.1.10
xinexine-lib
1.1.10.1
xinexine-lib
1.1.11
xiphspeex
𝑥
≤ 1.1.12
xiphspeex
1.0.2
xiphspeex
1.0.3
xiphspeex
1.0.4
xiphspeex
1.0.5
xiphspeex
1.1.1
xiphspeex
1.1.2
xiphspeex
1.1.3
xiphspeex
1.1.4
xiphspeex
1.1.5
xiphspeex
1.1.6
xiphspeex
1.1.7
xiphspeex
1.1.8
xiphspeex
1.1.9
xiphspeex
1.1.10
xiphspeex
1.1.11
xiphspeex
1.1.11.1
xiphlibfishsound
𝑥
≤ 0.9.0
xiphlibfishsound
0.5.41
xiphlibfishsound
0.5.42
xiphlibfishsound
0.6.0
xiphlibfishsound
0.6.1
xiphlibfishsound
0.6.2
xiphlibfishsound
0.6.3
xiphlibfishsound
0.7.0
xiphlibfishsound
0.8.0
xiphlibfishsound
0.8.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libfishsound
bullseye
1.0.0-8
fixed
bookworm
1.0.0-9
fixed
sid
1.0.0-10
fixed
trixie
1.0.0-10
fixed
speex
bullseye
1.2~rc1.2-1.1
fixed
bookworm
1.2.1-2
fixed
sid
1.2.1-3
fixed
trixie
1.2.1-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gst-plugins-good0.10
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
Fixed 0.10.7-3ubuntu0.1
released
gutsy
Fixed 0.10.6-0ubuntu4.1
released
feisty
Fixed 0.10.5-1ubuntu2.1
released
dapper
Fixed 0.10.3-0ubuntu4.1
released
libfishsound
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
Fixed 0.7.0-2.1ubuntu0.1
released
gutsy
ignored
feisty
ignored
edgy
ignored
dapper
ignored
speex
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
Fixed 1.1.12-3ubuntu0.8.04.1
released
gutsy
Fixed 1.1.12-3ubuntu0.7.10.1
released
feisty
Fixed 1.1.12-3ubuntu0.7.04.1
released
edgy
ignored
dapper
Fixed 1.1.11.1-1ubuntu0.3
released
sweep
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
ignored
hardy
ignored
gutsy
ignored
feisty
ignored
dapper
ignored
vlc
oneiric
Fixed 0.8.6.release.h-1ubuntu1
released
natty
Fixed 0.8.6.release.h-1ubuntu1
released
maverick
Fixed 0.8.6.release.h-1ubuntu1
released
lucid
Fixed 0.8.6.release.h-1ubuntu1
released
karmic
Fixed 0.8.6.release.h-1ubuntu1
released
jaunty
Fixed 0.8.6.release.h-1ubuntu1
released
intrepid
Fixed 0.8.6.release.h-1ubuntu1
released
hardy
Fixed 0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.1
released
gutsy
ignored
feisty
ignored
dapper
ignored
vorbis-tools
oneiric
Fixed 1.2.0-2
released
natty
Fixed 1.2.0-2
released
maverick
Fixed 1.2.0-2
released
lucid
Fixed 1.2.0-2
released
karmic
Fixed 1.2.0-2
released
jaunty
Fixed 1.2.0-2
released
intrepid
Fixed 1.2.0-2
released
hardy
Fixed 1.1.1-15ubuntu0.1
released
gutsy
Fixed 1.1.1-13ubuntu0.1
released
feisty
Fixed 1.1.1-6ubuntu0.1
released
dapper
Fixed 1.1.1-3ubuntu0.1
released
xine-lib
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
Fixed 1.1.11.1-1ubuntu3.1
released
gutsy
Fixed 1.1.7-1ubuntu1.3
released
feisty
Fixed 1.1.4-2ubuntu3.1
released
dapper
Fixed 1.1.1+ubuntu2-7.9
released
xmms-speex
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
ignored
feisty
ignored
dapper
dne
Common Weakness Enumeration
References
http://blog.kfish.org/2008/04/release-libfishsound-091.html
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html
http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html
http://secunia.com/advisories/29672
http://secunia.com/advisories/29727
http://secunia.com/advisories/29835
http://secunia.com/advisories/29845
http://secunia.com/advisories/29854
http://secunia.com/advisories/29866
http://secunia.com/advisories/29878
http://secunia.com/advisories/29880
http://secunia.com/advisories/29881
http://secunia.com/advisories/29882
http://secunia.com/advisories/29898
http://secunia.com/advisories/30104
http://secunia.com/advisories/30117
http://secunia.com/advisories/30119
http://secunia.com/advisories/30337
http://secunia.com/advisories/30353
http://secunia.com/advisories/30358
http://secunia.com/advisories/30581
http://secunia.com/advisories/30717
http://secunia.com/advisories/31393
http://security.gentoo.org/glsa/glsa-200804-17.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.460836
http://sourceforge.net/project/shownotes.php?release_id=592185
http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
http://www.debian.org/security/2008/dsa-1584
http://www.debian.org/security/2008/dsa-1585
http://www.debian.org/security/2008/dsa-1586
http://www.mandriva.com/security/advisories?name=MDVSA-2008:092
http://www.mandriva.com/security/advisories?name=MDVSA-2008:093
http://www.mandriva.com/security/advisories?name=MDVSA-2008:094
http://www.mandriva.com/security/advisories?name=MDVSA-2008:124
http://www.metadecks.org/software/sweep/news.html
http://www.novell.com/linux/security/advisories/2008_13_sr.html
http://www.ocert.org/advisories/ocert-2008-004.html
http://www.ocert.org/advisories/ocert-2008-2.html
http://www.redhat.com/support/errata/RHSA-2008-0235.html
http://www.securityfocus.com/archive/1/491009/100/0/threaded
http://www.securityfocus.com/bid/28665
http://www.securitytracker.com/id?1019875
http://www.ubuntu.com/usn/usn-611-1
http://www.ubuntu.com/usn/usn-611-2
http://www.ubuntu.com/usn/usn-611-3
http://www.ubuntu.com/usn/usn-635-1
http://www.vupen.com/english/advisories/2008/1187/references
http://www.vupen.com/english/advisories/2008/1228/references
http://www.vupen.com/english/advisories/2008/1268/references
http://www.vupen.com/english/advisories/2008/1269/references
http://www.vupen.com/english/advisories/2008/1300/references
http://www.vupen.com/english/advisories/2008/1301/references
http://www.vupen.com/english/advisories/2008/1302/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41684
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10026
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00244.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00287.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00357.html
http://blog.kfish.org/2008/04/release-libfishsound-091.html
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html
http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html
http://secunia.com/advisories/29672
http://secunia.com/advisories/29727
http://secunia.com/advisories/29835
http://secunia.com/advisories/29845
http://secunia.com/advisories/29854
http://secunia.com/advisories/29866
http://secunia.com/advisories/29878
http://secunia.com/advisories/29880
http://secunia.com/advisories/29881
http://secunia.com/advisories/29882
http://secunia.com/advisories/29898
http://secunia.com/advisories/30104
http://secunia.com/advisories/30117
http://secunia.com/advisories/30119
http://secunia.com/advisories/30337
http://secunia.com/advisories/30353
http://secunia.com/advisories/30358
http://secunia.com/advisories/30581
http://secunia.com/advisories/30717
http://secunia.com/advisories/31393
http://security.gentoo.org/glsa/glsa-200804-17.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.460836
http://sourceforge.net/project/shownotes.php?release_id=592185
http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
http://www.debian.org/security/2008/dsa-1584
http://www.debian.org/security/2008/dsa-1585
http://www.debian.org/security/2008/dsa-1586
http://www.mandriva.com/security/advisories?name=MDVSA-2008:092
http://www.mandriva.com/security/advisories?name=MDVSA-2008:093
http://www.mandriva.com/security/advisories?name=MDVSA-2008:094
http://www.mandriva.com/security/advisories?name=MDVSA-2008:124
http://www.metadecks.org/software/sweep/news.html
http://www.novell.com/linux/security/advisories/2008_13_sr.html
http://www.ocert.org/advisories/ocert-2008-004.html
http://www.ocert.org/advisories/ocert-2008-2.html
http://www.redhat.com/support/errata/RHSA-2008-0235.html
http://www.securityfocus.com/archive/1/491009/100/0/threaded
http://www.securityfocus.com/bid/28665
http://www.securitytracker.com/id?1019875
http://www.ubuntu.com/usn/usn-611-1
http://www.ubuntu.com/usn/usn-611-2
http://www.ubuntu.com/usn/usn-611-3
http://www.ubuntu.com/usn/usn-635-1
http://www.vupen.com/english/advisories/2008/1187/references
http://www.vupen.com/english/advisories/2008/1228/references
http://www.vupen.com/english/advisories/2008/1268/references
http://www.vupen.com/english/advisories/2008/1269/references
http://www.vupen.com/english/advisories/2008/1300/references
http://www.vupen.com/english/advisories/2008/1301/references
http://www.vupen.com/english/advisories/2008/1302/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41684
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10026
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00244.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00287.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00357.html