CVE-2008-1686

Status Candidate

Overview

Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.

Related Files

Ubuntu Security Notice 635-1
Posted Aug 6, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 635-1 - Many xine-lib arbitrary code execution vulnerabilities have been addressed in Ubuntu.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, ubuntu
advisories | CVE-2008-0073, CVE-2008-0225, CVE-2008-0238, CVE-2008-0486, CVE-2008-1110, CVE-2008-1161, CVE-2008-1482, CVE-2008-1686, CVE-2008-1878
MD5 | 18e67271d5c2ceec08da5c9d1f27e46e

Mandriva Linux Security Advisory 2008-124
Posted Jun 27, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from Speex file headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. Xine-lib is similarly affected by this issue. As well, the previous version of xine as provided in Mandriva Linux 2008.1 would crash when playing matroska files, and a regression was introduced that prevented Amarok from playing m4a files.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2008-1686
MD5 | dd7ca66a9032bad00eb87dc64def01d7

Debian Linux Security Advisory 1586-1
Posted May 22, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1586-1 - Multiple vulnerabilities have been discovered in xine-lib, a library which supplies most of the application functionality of the xine multimedia player. Integer overflow vulnerabilities exist in xine's FLV, QuickTime, RealMedia, MVE and CAK demuxers, as well as the EBML parser used by the Matroska demuxer. Insufficient input validation in the Speex implementation used by this version of xine enables an invalid array access and the execution of arbitrary code by supplying a maliciously crafted Speex file. Inadequate bounds checking in the NES Sound Format (NSF) demuxer enables a stack buffer overflow and the execution of arbitrary code through a maliciously crafted NSF file.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2008-1482, CVE-2008-1686, CVE-2008-1878
MD5 | 1c9f92bc85f505e380ecfca8fd866b8c

Debian Linux Security Advisory 1585-1
Posted May 22, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1585-1 - It was discovered that speex, the Speex codec command line tools, did not correctly deal with negative offsets in a particular header field. This could allow a malicious file to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2008-1686
MD5 | 6e6b3fb8c6b928ee12e90b4ebedd2f50

Debian Linux Security Advisory 1584-1
Posted May 22, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1584-1 - It was discovered that libfishsound, a simple programming interface that wraps Xiph.Org audio codecs, didn't correctly handle negative values in a particular header field. This could allow malicious files to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2008-1686
MD5 | f19fb5a9a9765a41edf16fe3a08f13ba

Ubuntu Security Notice 611-3
Posted May 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 611-3 - USN-611-1 fixed a vulnerability in Speex. This update provides the corresponding update for GStreamer Good Plugins. It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1686
MD5 | 26dd30b7333f05b291b099650b8a9e89

Ubuntu Security Notice 611-2
Posted May 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 611-2 - USN-611-1 fixed a vulnerability in Speex. This update provides the corresponding update for ogg123, part of vorbis-tools. It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1686
MD5 | a2c8b46ce1f3301d099c7eb67973f3b0

Ubuntu Security Notice 611-1
Posted May 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 611-1 - It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1686
MD5 | 218704e90625568f9bf94f8cb18d0063

Mandriva Linux Security Advisory 2008-094
Posted Apr 30, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from Speex file headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2008-1686
MD5 | c3058a0c68a5329507b9199eb2357374

Mandriva Linux Security Advisory 2008-093
Posted Apr 30, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from Speex file headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. The ogg123 application in vorbis-tools is similarly affected by this issue.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2008-1686
MD5 | c6dba30f19bdce266467d0eb81876aeb

Mandriva Linux Security Advisory 2008-092
Posted Apr 30, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from Speex file headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. The speex plugin in the gstreamer-plugins-good package is similarly affected by this issue.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2008-1686
MD5 | a7927b2bc291db5b5346c884eaa8ee12

Gentoo Linux Security Advisory 200804-17
Posted Apr 17, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200804-17 - oCERT reported that the Speex library does not properly validate the mode value it derives from Speex streams, allowing for array indexing vulnerabilities inside multiple player applications. Within Gentoo, xine-lib, VLC, gst-plugins-speex from the GStreamer Good Plug-ins, vorbis-tools, libfishsound, Sweep, SDL_sound, and speexdec were found to be vulnerable. Versions less than 1.2_beta3_p2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2008-1686
MD5 | ee288931bf1cd9a812264b858cb2b855

Open Source CERT Security Advisory 2008.4
Posted Apr 17, 2008
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

The reference speex decoder from the Speex library performs insufficient boundary checks on a header structure read from user input; this has been reported in the oCERT-2008-002 advisory. Further investigation showed that several packages include similar code and are therefore vulnerable.

tags | advisory
advisories | CVE-2008-1686
MD5 | 51e341fb5d9d1dddb0849ae4adcf0490