← voltar
CVE-2008-1686

CVE-2008-1686

EPSS 6.1%
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://blog.kfish.org/2008/04/release-libfishsound-091.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.htmlhttp://lists.xiph.org/pipermail/speex-dev/2008-April/006636.htmlhttp://secunia.com/advisories/29672http://secunia.com/advisories/29727http://secunia.com/advisories/29835http://secunia.com/advisories/29845http://secunia.com/advisories/29854http://secunia.com/advisories/29866http://secunia.com/advisories/29878http://secunia.com/advisories/29880http://secunia.com/advisories/29881