Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-1686

Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.

Published

2008-04-08T18:05:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 9.3 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Primary
CWE-189

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	xine	xine-lib	≤ 1.1.11.1	Yes
Application	xine	xine-lib	0.9.8	Yes
Application	xine	xine-lib	0.9.13	Yes
Application	xine	xine-lib	0.99	Yes
Application	xine	xine-lib	1.0	Yes
Application	xine	xine-lib	1.0.1	Yes
Application	xine	xine-lib	1.0.2	Yes
Application	xine	xine-lib	1.0.3a	Yes
Application	xine	xine-lib	1.1.0	Yes
Application	xine	xine-lib	1.1.1	Yes
Application	xine	xine-lib	1.1.10	Yes
Application	xine	xine-lib	1.1.10.1	Yes
Application	xine	xine-lib	1.1.11	Yes
Application	xiph	speex	≤ 1.1.12	Yes
Application	xiph	speex	1.0.2	Yes
Application	xiph	speex	1.0.3	Yes
Application	xiph	speex	1.0.4	Yes
Application	xiph	speex	1.0.5	Yes
Application	xiph	speex	1.1.1	Yes
Application	xiph	speex	1.1.2	Yes
Application	xiph	speex	1.1.3	Yes
Application	xiph	speex	1.1.4	Yes
Application	xiph	speex	1.1.5	Yes
Application	xiph	speex	1.1.6	Yes
Application	xiph	speex	1.1.7	Yes
Application	xiph	speex	1.1.8	Yes
Application	xiph	speex	1.1.9	Yes
Application	xiph	speex	1.1.10	Yes
Application	xiph	speex	1.1.11	Yes
Application	xiph	speex	1.1.11.1	Yes
Application	xiph	libfishsound	≤ 0.9.0	Yes
Application	xiph	libfishsound	0.5.41	Yes
Application	xiph	libfishsound	0.5.42	Yes
Application	xiph	libfishsound	0.6.0	Yes
Application	xiph	libfishsound	0.6.1	Yes
Application	xiph	libfishsound	0.6.2	Yes
Application	xiph	libfishsound	0.6.3	Yes
Application	xiph	libfishsound	0.7.0	Yes
Application	xiph	libfishsound	0.8.0	Yes
Application	xiph	libfishsound	0.8.1	Yes

References

http://blog.kfish.org/2008/04/release-libfishsound-091.html ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html ([email protected])
http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html ([email protected])
http://secunia.com/advisories/29672 Vendor Advisory ([email protected])
http://secunia.com/advisories/29727 Vendor Advisory ([email protected])
http://secunia.com/advisories/29835 Vendor Advisory ([email protected])
http://secunia.com/advisories/29845 Vendor Advisory ([email protected])
http://secunia.com/advisories/29854 Vendor Advisory ([email protected])
http://secunia.com/advisories/29866 Vendor Advisory ([email protected])
http://secunia.com/advisories/29878 Vendor Advisory ([email protected])
http://secunia.com/advisories/29880 Vendor Advisory ([email protected])
http://secunia.com/advisories/29881 Vendor Advisory ([email protected])
http://secunia.com/advisories/29882 Vendor Advisory ([email protected])
http://secunia.com/advisories/29898 Vendor Advisory ([email protected])
http://secunia.com/advisories/30104 Vendor Advisory ([email protected])
http://secunia.com/advisories/30117 Vendor Advisory ([email protected])
http://secunia.com/advisories/30119 Vendor Advisory ([email protected])
http://secunia.com/advisories/30337 ([email protected])
http://secunia.com/advisories/30353 Vendor Advisory ([email protected])
http://secunia.com/advisories/30358 Vendor Advisory ([email protected])
http://secunia.com/advisories/30581 Vendor Advisory ([email protected])
http://secunia.com/advisories/30717 ([email protected])
http://secunia.com/advisories/31393 Vendor Advisory ([email protected])
http://security.gentoo.org/glsa/glsa-200804-17.xml ([email protected])
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.460836 ([email protected])
http://sourceforge.net/project/shownotes.php?release_id=592185 ([email protected])
http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655 ([email protected])
http://www.debian.org/security/2008/dsa-1584 Patch ([email protected])
http://www.debian.org/security/2008/dsa-1585 Patch ([email protected])
http://www.debian.org/security/2008/dsa-1586 ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2008:092 ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2008:093 ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2008:094 ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2008:124 ([email protected])
http://www.metadecks.org/software/sweep/news.html ([email protected])
http://www.novell.com/linux/security/advisories/2008_13_sr.html ([email protected])
http://www.ocert.org/advisories/ocert-2008-004.html ([email protected])
http://www.ocert.org/advisories/ocert-2008-2.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2008-0235.html ([email protected])
http://www.securityfocus.com/archive/1/491009/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/28665 Patch ([email protected])
http://www.securitytracker.com/id?1019875 ([email protected])
http://www.ubuntu.com/usn/usn-611-1 ([email protected])
http://www.ubuntu.com/usn/usn-611-2 ([email protected])
http://www.ubuntu.com/usn/usn-611-3 ([email protected])
http://www.ubuntu.com/usn/usn-635-1 ([email protected])
http://www.vupen.com/english/advisories/2008/1187/references ([email protected])
http://www.vupen.com/english/advisories/2008/1228/references ([email protected])
http://www.vupen.com/english/advisories/2008/1268/references ([email protected])
http://www.vupen.com/english/advisories/2008/1269/references ([email protected])
http://www.vupen.com/english/advisories/2008/1300/references ([email protected])
http://www.vupen.com/english/advisories/2008/1301/references ([email protected])
http://www.vupen.com/english/advisories/2008/1302/references ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/41684 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10026 ([email protected])
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00244.html ([email protected])
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00287.html ([email protected])
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00357.html ([email protected])
http://blog.kfish.org/2008/04/release-libfishsound-091.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29672 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29727 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29835 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29845 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29854 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29866 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29878 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29880 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29881 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29882 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29898 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30104 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30117 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30119 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30337 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30353 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30358 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30581 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30717 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31393 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200804-17.xml (af854a3a-2127-422b-91ae-364da2661108)
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.460836 (af854a3a-2127-422b-91ae-364da2661108)
http://sourceforge.net/project/shownotes.php?release_id=592185 (af854a3a-2127-422b-91ae-364da2661108)
http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2008/dsa-1584 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2008/dsa-1585 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2008/dsa-1586 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:092 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:093 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:094 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:124 (af854a3a-2127-422b-91ae-364da2661108)
http://www.metadecks.org/software/sweep/news.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2008_13_sr.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.ocert.org/advisories/ocert-2008-004.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.ocert.org/advisories/ocert-2008-2.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2008-0235.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/491009/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/28665 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1019875 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-611-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-611-2 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-611-3 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-635-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/1187/references (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/1228/references (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/1268/references (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/1269/references (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/1300/references (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/1301/references (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/1302/references (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/41684 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10026 (af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00244.html (af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00287.html (af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00357.html (af854a3a-2127-422b-91ae-364da2661108)