CVE-2008-1686
Published: 8 April 2008
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
Notes
Author | Note |
---|---|
jdstrand | upstream libfishsound should have a patch filed Debian bug #480059 for vorbis-tools (to hopefully get via merge in intrepid) Mandriva reference is a regression bug (and fix) for xine-lib |
Priority
Status
Package | Release | Status |
---|---|---|
gst-plugins-good0.10 Launchpad, Ubuntu, Debian |
dapper |
Released
(0.10.3-0ubuntu4.1)
|
feisty |
Released
(0.10.5-1ubuntu2.1)
|
|
gutsy |
Released
(0.10.6-0ubuntu4.1)
|
|
hardy |
Released
(0.10.7-3ubuntu0.1)
|
|
intrepid |
Not vulnerable
(0.10.8-2)
|
|
jaunty |
Not vulnerable
(0.10.8-2)
|
|
karmic |
Not vulnerable
(0.10.8-2)
|
|
lucid |
Not vulnerable
(0.10.8-2)
|
|
maverick |
Not vulnerable
(0.10.8-2)
|
|
natty |
Not vulnerable
(0.10.8-2)
|
|
oneiric |
Not vulnerable
(0.10.8-2)
|
|
upstream |
Released
(0.10.8)
|
|
Patches: vendor: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:092 upstream: http://webcvs.freedesktop.org/gstreamer/gst-plugins-good/ext/speex/gstspeexdec.c?r1=1.40&r2=1.41 |
||
libfishsound Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Released
(0.7.0-2.1ubuntu0.1)
|
|
intrepid |
Not vulnerable
(0.7.0-2.3)
|
|
jaunty |
Not vulnerable
(0.7.0-2.3)
|
|
karmic |
Not vulnerable
(0.7.0-2.3)
|
|
lucid |
Not vulnerable
(0.7.0-2.3)
|
|
maverick |
Not vulnerable
(0.7.0-2.3)
|
|
natty |
Not vulnerable
(0.7.0-2.3)
|
|
oneiric |
Not vulnerable
(0.7.0-2.3)
|
|
upstream |
Released
(0.7.0-2.2)
|
|
speex Launchpad, Ubuntu, Debian |
dapper |
Released
(1.1.11.1-1ubuntu0.3)
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Released
(1.1.12-3ubuntu0.7.04.1)
|
|
gutsy |
Released
(1.1.12-3ubuntu0.7.10.1)
|
|
hardy |
Released
(1.1.12-3ubuntu0.8.04.1)
|
|
intrepid |
Not vulnerable
(1.2~beta3.2-1)
|
|
jaunty |
Not vulnerable
(1.2~beta3.2-1)
|
|
karmic |
Not vulnerable
(1.2~beta3.2-1)
|
|
lucid |
Not vulnerable
(1.2~beta3.2-1)
|
|
maverick |
Not vulnerable
(1.2~beta3.2-1)
|
|
natty |
Not vulnerable
(1.2~beta3.2-1)
|
|
oneiric |
Not vulnerable
(1.2~beta3.2-1)
|
|
upstream |
Released
(1.2beta3.2)
|
|
Patches: vendor: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:094 vendor: http://rhn.redhat.com/errata/RHSA-2008-0235.html |
||
sweep Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Not vulnerable
(0.9.3-1)
|
|
karmic |
Not vulnerable
(0.9.3-1)
|
|
lucid |
Not vulnerable
(0.9.3-1)
|
|
maverick |
Not vulnerable
(0.9.3-1)
|
|
natty |
Not vulnerable
(0.9.3-1)
|
|
oneiric |
Not vulnerable
(0.9.3-1)
|
|
upstream |
Released
(0.9.3)
|
|
vlc Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Released
(0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.1)
|
|
intrepid |
Released
(0.8.6.release.h-1ubuntu1)
|
|
jaunty |
Released
(0.8.6.release.h-1ubuntu1)
|
|
karmic |
Released
(0.8.6.release.h-1ubuntu1)
|
|
lucid |
Released
(0.8.6.release.h-1ubuntu1)
|
|
maverick |
Released
(0.8.6.release.h-1ubuntu1)
|
|
natty |
Released
(0.8.6.release.h-1ubuntu1)
|
|
oneiric |
Released
(0.8.6.release.h-1ubuntu1)
|
|
upstream |
Needs triage
|
|
Patches: other: http://trac.videolan.org/vlc/changeset/c1c81073e661f7d80197711ab11753e1e170b44c |
||
vorbis-tools Launchpad, Ubuntu, Debian |
dapper |
Released
(1.1.1-3ubuntu0.1)
|
feisty |
Released
(1.1.1-6ubuntu0.1)
|
|
gutsy |
Released
(1.1.1-13ubuntu0.1)
|
|
hardy |
Released
(1.1.1-15ubuntu0.1)
|
|
intrepid |
Released
(1.2.0-2)
|
|
jaunty |
Released
(1.2.0-2)
|
|
karmic |
Released
(1.2.0-2)
|
|
lucid |
Released
(1.2.0-2)
|
|
maverick |
Released
(1.2.0-2)
|
|
natty |
Released
(1.2.0-2)
|
|
oneiric |
Released
(1.2.0-2)
|
|
upstream |
Needs triage
|
|
Patches: vendor: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:093 upstream: https://trac.xiph.org/changeset/14701 |
||
xine-lib Launchpad, Ubuntu, Debian |
dapper |
Released
(1.1.1+ubuntu2-7.9)
|
feisty |
Released
(1.1.4-2ubuntu3.1)
|
|
gutsy |
Released
(1.1.7-1ubuntu1.3)
|
|
hardy |
Released
(1.1.11.1-1ubuntu3.1)
|
|
intrepid |
Not vulnerable
(1.1.12-2ubuntu2)
|
|
jaunty |
Not vulnerable
(1.1.12-2ubuntu2)
|
|
karmic |
Not vulnerable
(1.1.12-2ubuntu2)
|
|
lucid |
Not vulnerable
(1.1.12-2ubuntu2)
|
|
maverick |
Not vulnerable
(1.1.12-2ubuntu2)
|
|
natty |
Not vulnerable
(1.1.12-2ubuntu2)
|
|
oneiric |
Not vulnerable
(1.1.12-2ubuntu2)
|
|
upstream |
Released
(1.1.12)
|
|
Patches: other: http://hg.debian.org/hg/xine-lib/xine-lib/?cmd=changeset;node=d8e1305c13820b82d896f7bc77d196b9c9645dd6;style=raw |
||
xmms-speex Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Needs triage
|