Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2008-1686

Published: 8 April 2008

Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.

Notes

AuthorNote
jdstrand
upstream libfishsound should have a patch
filed Debian bug #480059 for vorbis-tools (to hopefully get via
merge in intrepid)
Mandriva reference is a regression bug (and fix) for xine-lib

Priority

Medium

Status

Package Release Status
gst-plugins-good0.10
Launchpad, Ubuntu, Debian
dapper
Released (0.10.3-0ubuntu4.1)
feisty
Released (0.10.5-1ubuntu2.1)
gutsy
Released (0.10.6-0ubuntu4.1)
hardy
Released (0.10.7-3ubuntu0.1)
intrepid Not vulnerable
(0.10.8-2)
jaunty Not vulnerable
(0.10.8-2)
karmic Not vulnerable
(0.10.8-2)
lucid Not vulnerable
(0.10.8-2)
maverick Not vulnerable
(0.10.8-2)
natty Not vulnerable
(0.10.8-2)
oneiric Not vulnerable
(0.10.8-2)
upstream
Released (0.10.8)
Patches:
vendor: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:092
upstream: http://webcvs.freedesktop.org/gstreamer/gst-plugins-good/ext/speex/gstspeexdec.c?r1=1.40&r2=1.41






libfishsound
Launchpad, Ubuntu, Debian
dapper Ignored
(end of life)
edgy Ignored
(end of life, was needed)
feisty Ignored
(end of life, was needed)
gutsy Ignored
(end of life, was needed)
hardy
Released (0.7.0-2.1ubuntu0.1)
intrepid Not vulnerable
(0.7.0-2.3)
jaunty Not vulnerable
(0.7.0-2.3)
karmic Not vulnerable
(0.7.0-2.3)
lucid Not vulnerable
(0.7.0-2.3)
maverick Not vulnerable
(0.7.0-2.3)
natty Not vulnerable
(0.7.0-2.3)
oneiric Not vulnerable
(0.7.0-2.3)
upstream
Released (0.7.0-2.2)
speex
Launchpad, Ubuntu, Debian
dapper
Released (1.1.11.1-1ubuntu0.3)
edgy Ignored
(end of life, was needed)
feisty
Released (1.1.12-3ubuntu0.7.04.1)
gutsy
Released (1.1.12-3ubuntu0.7.10.1)
hardy
Released (1.1.12-3ubuntu0.8.04.1)
intrepid Not vulnerable
(1.2~beta3.2-1)
jaunty Not vulnerable
(1.2~beta3.2-1)
karmic Not vulnerable
(1.2~beta3.2-1)
lucid Not vulnerable
(1.2~beta3.2-1)
maverick Not vulnerable
(1.2~beta3.2-1)
natty Not vulnerable
(1.2~beta3.2-1)
oneiric Not vulnerable
(1.2~beta3.2-1)
upstream
Released (1.2beta3.2)
Patches:


vendor: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:094
vendor: http://rhn.redhat.com/errata/RHSA-2008-0235.html




sweep
Launchpad, Ubuntu, Debian
dapper Ignored
(end of life)
feisty Ignored
(end of life, was needed)
gutsy Ignored
(end of life, was needed)
hardy Ignored
(end of life)
intrepid Ignored
(end of life, was needed)
jaunty Not vulnerable
(0.9.3-1)
karmic Not vulnerable
(0.9.3-1)
lucid Not vulnerable
(0.9.3-1)
maverick Not vulnerable
(0.9.3-1)
natty Not vulnerable
(0.9.3-1)
oneiric Not vulnerable
(0.9.3-1)
upstream
Released (0.9.3)
vlc
Launchpad, Ubuntu, Debian
dapper Ignored
(end of life)
feisty Ignored
(end of life, was needed)
gutsy Ignored
(end of life, was needed)
hardy
Released (0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.1)
intrepid
Released (0.8.6.release.h-1ubuntu1)
jaunty
Released (0.8.6.release.h-1ubuntu1)
karmic
Released (0.8.6.release.h-1ubuntu1)
lucid
Released (0.8.6.release.h-1ubuntu1)
maverick
Released (0.8.6.release.h-1ubuntu1)
natty
Released (0.8.6.release.h-1ubuntu1)
oneiric
Released (0.8.6.release.h-1ubuntu1)
upstream Needs triage

Patches:




other: http://trac.videolan.org/vlc/changeset/c1c81073e661f7d80197711ab11753e1e170b44c



vorbis-tools
Launchpad, Ubuntu, Debian
dapper
Released (1.1.1-3ubuntu0.1)
feisty
Released (1.1.1-6ubuntu0.1)
gutsy
Released (1.1.1-13ubuntu0.1)
hardy
Released (1.1.1-15ubuntu0.1)
intrepid
Released (1.2.0-2)
jaunty
Released (1.2.0-2)
karmic
Released (1.2.0-2)
lucid
Released (1.2.0-2)
maverick
Released (1.2.0-2)
natty
Released (1.2.0-2)
oneiric
Released (1.2.0-2)
upstream Needs triage

Patches:





vendor: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:093
upstream: https://trac.xiph.org/changeset/14701

xine-lib
Launchpad, Ubuntu, Debian
dapper
Released (1.1.1+ubuntu2-7.9)
feisty
Released (1.1.4-2ubuntu3.1)
gutsy
Released (1.1.7-1ubuntu1.3)
hardy
Released (1.1.11.1-1ubuntu3.1)
intrepid Not vulnerable
(1.1.12-2ubuntu2)
jaunty Not vulnerable
(1.1.12-2ubuntu2)
karmic Not vulnerable
(1.1.12-2ubuntu2)
lucid Not vulnerable
(1.1.12-2ubuntu2)
maverick Not vulnerable
(1.1.12-2ubuntu2)
natty Not vulnerable
(1.1.12-2ubuntu2)
oneiric Not vulnerable
(1.1.12-2ubuntu2)
upstream
Released (1.1.12)
Patches:







other: http://hg.debian.org/hg/xine-lib/xine-lib/?cmd=changeset;node=d8e1305c13820b82d896f7bc77d196b9c9645dd6;style=raw
xmms-speex
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Ignored
(end of life, was needed)
gutsy Ignored
(end of life, was needed)
hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

lucid Does not exist

maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream Needs triage