CVE-2008-1686
Published: 8 April 2008
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
Priority
Status
Package | Release | Status |
---|---|---|
gst-plugins-good0.10 | dapper | Released (0.10.3-0ubuntu4.1) |
gst-plugins-good0.10 | feisty | Released (0.10.5-1ubuntu2.1) |
gst-plugins-good0.10 | gutsy | Released (0.10.6-0ubuntu4.1) |
gst-plugins-good0.10 | hardy | Released (0.10.7-3ubuntu0.1) |
gst-plugins-good0.10 | intrepid | Not vulnerable (0.10.8-2) |
gst-plugins-good0.10 | jaunty | Not vulnerable (0.10.8-2) |
gst-plugins-good0.10 | karmic | Not vulnerable (0.10.8-2) |
gst-plugins-good0.10 | lucid | Not vulnerable (0.10.8-2) |
gst-plugins-good0.10 | maverick | Not vulnerable (0.10.8-2) |
gst-plugins-good0.10 | natty | Not vulnerable (0.10.8-2) |
gst-plugins-good0.10 | oneiric | Not vulnerable (0.10.8-2) |
gst-plugins-good0.10 | upstream | Released (0.10.8) |
libfishsound | dapper | Ignored (reached end-of-life) |
libfishsound | edgy | Needed (reached end-of-life) |
libfishsound | feisty | Needed (reached end-of-life) |
libfishsound | gutsy | Needed (reached end-of-life) |
libfishsound | hardy | Released (0.7.0-2.1ubuntu0.1) |
libfishsound | intrepid | Not vulnerable (0.7.0-2.3) |
libfishsound | jaunty | Not vulnerable (0.7.0-2.3) |
libfishsound | karmic | Not vulnerable (0.7.0-2.3) |
libfishsound | lucid | Not vulnerable (0.7.0-2.3) |
libfishsound | maverick | Not vulnerable (0.7.0-2.3) |
libfishsound | natty | Not vulnerable (0.7.0-2.3) |
libfishsound | oneiric | Not vulnerable (0.7.0-2.3) |
libfishsound | upstream | Released (0.7.0-2.2) |
speex | dapper | Released (1.1.11.1-1ubuntu0.3) |
speex | edgy | Needed (reached end-of-life) |
speex | feisty | Released (1.1.12-3ubuntu0.7.04.1) |
speex | gutsy | Released (1.1.12-3ubuntu0.7.10.1) |
speex | hardy | Released (1.1.12-3ubuntu0.8.04.1) |
speex | intrepid | Not vulnerable (1.2~beta3.2-1) |
speex | jaunty | Not vulnerable (1.2~beta3.2-1) |
speex | karmic | Not vulnerable (1.2~beta3.2-1) |
speex | lucid | Not vulnerable (1.2~beta3.2-1) |
speex | maverick | Not vulnerable (1.2~beta3.2-1) |
speex | natty | Not vulnerable (1.2~beta3.2-1) |
speex | oneiric | Not vulnerable (1.2~beta3.2-1) |
speex | upstream | Released (1.2beta3.2) |
sweep | dapper | Ignored (reached end-of-life) |
sweep | feisty | Needed (reached end-of-life) |
sweep | gutsy | Needed (reached end-of-life) |
sweep | hardy | Ignored (reached end-of-life) |
sweep | intrepid | Needed (reached end-of-life) |
sweep | jaunty | Not vulnerable (0.9.3-1) |
sweep | karmic | Not vulnerable (0.9.3-1) |
sweep | lucid | Not vulnerable (0.9.3-1) |
sweep | maverick | Not vulnerable (0.9.3-1) |
sweep | natty | Not vulnerable (0.9.3-1) |
sweep | oneiric | Not vulnerable (0.9.3-1) |
sweep | upstream | Released (0.9.3) |
vlc | dapper | Ignored (reached end-of-life) |
vlc | feisty | Needed (reached end-of-life) |
vlc | gutsy | Needed (reached end-of-life) |
vlc | hardy | Released (0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.1) |
vlc | intrepid | Released (0.8.6.release.h-1ubuntu1) |
vlc | jaunty | Released (0.8.6.release.h-1ubuntu1) |
vlc | karmic | Released (0.8.6.release.h-1ubuntu1) |
vlc | lucid | Released (0.8.6.release.h-1ubuntu1) |
vlc | maverick | Released (0.8.6.release.h-1ubuntu1) |
vlc | natty | Released (0.8.6.release.h-1ubuntu1) |
vlc | oneiric | Released (0.8.6.release.h-1ubuntu1) |
vlc | upstream | Needs triage |
vorbis-tools | dapper | Released (1.1.1-3ubuntu0.1) |
vorbis-tools | feisty | Released (1.1.1-6ubuntu0.1) |
vorbis-tools | gutsy | Released (1.1.1-13ubuntu0.1) |
vorbis-tools | hardy | Released (1.1.1-15ubuntu0.1) |
vorbis-tools | intrepid | Released (1.2.0-2) |
vorbis-tools | jaunty | Released (1.2.0-2) |
vorbis-tools | karmic | Released (1.2.0-2) |
vorbis-tools | lucid | Released (1.2.0-2) |
vorbis-tools | maverick | Released (1.2.0-2) |
vorbis-tools | natty | Released (1.2.0-2) |
vorbis-tools | oneiric | Released (1.2.0-2) |
vorbis-tools | upstream | Needs triage |
xine-lib | dapper | Released (1.1.1+ubuntu2-7.9) |
xine-lib | feisty | Released (1.1.4-2ubuntu3.1) |
xine-lib | gutsy | Released (1.1.7-1ubuntu1.3) |
xine-lib | hardy | Released (1.1.11.1-1ubuntu3.1) |
xine-lib | intrepid | Not vulnerable (1.1.12-2ubuntu2) |
xine-lib | jaunty | Not vulnerable (1.1.12-2ubuntu2) |
xine-lib | karmic | Not vulnerable (1.1.12-2ubuntu2) |
xine-lib | lucid | Not vulnerable (1.1.12-2ubuntu2) |
xine-lib | maverick | Not vulnerable (1.1.12-2ubuntu2) |
xine-lib | natty | Not vulnerable (1.1.12-2ubuntu2) |
xine-lib | oneiric | Not vulnerable (1.1.12-2ubuntu2) |
xine-lib | upstream | Released (1.1.12) |
xmms-speex | dapper | Does not exist |
xmms-speex | feisty | Needed (reached end-of-life) |
xmms-speex | gutsy | Needed (reached end-of-life) |
xmms-speex | hardy | Does not exist |
xmms-speex | intrepid | Does not exist |
xmms-speex | jaunty | Does not exist |
xmms-speex | karmic | Does not exist |
xmms-speex | lucid | Does not exist |
xmms-speex | maverick | Does not exist |
xmms-speex | natty | Does not exist |
xmms-speex | oneiric | Does not exist |
xmms-speex | upstream | Needs triage |
Notes
Author | Note |
---|---|
jdstrand | upstream libfishsound should have a patch filed; Debian bug #480059 for vorbis-tools (to hopefully get via merge in intrepid); Mandriva reference is a regression bug (and fix) for xine-lib |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
- https://ubuntu.com/security/notices/USN-611-1
- https://ubuntu.com/security/notices/USN-611-2
- https://ubuntu.com/security/notices/USN-611-3
- https://ubuntu.com/security/notices/USN-635-1
- NVD
- Launchpad
- Debian