Executive Summary
Summary | |
---|---|
Title | Speex vulnerability |
Informations | |||
---|---|---|---|
Name | USN-611-1 | First vendor Publication | 2008-05-08 |
Vendor | Ubuntu | Last vendor Modification | 2008-05-08 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 7.04: Ubuntu 7.10: Ubuntu 8.04 LTS: After a standard system upgrade you need to restart applications linked against Speex to effect the necessary changes. Details follow: It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program. |
Original Source
Url : http://www.ubuntu.com/usn/USN-611-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10026 | |||
Oval ID: | oval:org.mitre.oval:def:10026 | ||
Title: | Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer. | ||
Description: | Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1686 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17457 | |||
Oval ID: | oval:org.mitre.oval:def:17457 | ||
Title: | USN-611-2 -- vorbis-tools vulnerability | ||
Description: | USN-611-1 fixed a vulnerability in Speex. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-611-2 CVE-2008-1686 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | vorbis-tools |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17553 | |||
Oval ID: | oval:org.mitre.oval:def:17553 | ||
Title: | USN-611-1 -- speex vulnerability | ||
Description: | It was discovered that Speex did not properly validate its input when processing Speex file headers. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-611-1 CVE-2008-1686 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | speex |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17732 | |||
Oval ID: | oval:org.mitre.oval:def:17732 | ||
Title: | USN-611-3 -- gst-plugins-good0.10 vulnerability | ||
Description: | USN-611-1 fixed a vulnerability in Speex. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-611-3 CVE-2008-1686 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | gst-plugins-good0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18615 | |||
Oval ID: | oval:org.mitre.oval:def:18615 | ||
Title: | DSA-1584-1 libfishsound - integer overflow | ||
Description: | It was discovered that libfishsound, a simple programming interface that wraps Xiph.Org audio codecs, didn't correctly handle negative values in a particular header field. This could allow malicious files to execute arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1584-1 CVE-2008-1686 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libfishsound |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20293 | |||
Oval ID: | oval:org.mitre.oval:def:20293 | ||
Title: | DSA-1585-1 speex - integer overflow | ||
Description: | It was discovered that speex, the Speex codec command line tools, did not correctly deal with negative offsets in a particular header field. This could allow a malicious file to execute arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1585-1 CVE-2008-1686 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | speex |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22410 | |||
Oval ID: | oval:org.mitre.oval:def:22410 | ||
Title: | ELSA-2008:0235: speex security update (Important) | ||
Description: | Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0235-01 CVE-2008-1686 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | speex |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7912 | |||
Oval ID: | oval:org.mitre.oval:def:7912 | ||
Title: | DSA-1585 speex -- integer overflow | ||
Description: | It was discovered that speex, the Speex codec command line tools, did not correctly deal with negative offsets in a particular header field. This could allow a malicious file to execute arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1585 CVE-2008-1686 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | speex |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8197 | |||
Oval ID: | oval:org.mitre.oval:def:8197 | ||
Title: | DSA-1584 libfishsound -- buffer overflow | ||
Description: | It was discovered that libfishsound, a simple programming interface that wraps Xiph.Org audio codecs, didn't correctly handle negative values in a particular header field. This could allow malicious files to execute arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1584 CVE-2008-1686 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libfishsound |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-04-09 | Name : Mandriva Update for gstreamer-plugins-good MDVSA-2008:092 (gstreamer-plugins... File : nvt/gb_mandriva_MDVSA_2008_092.nasl |
2009-04-09 | Name : Mandriva Update for vorbis-tools MDVSA-2008:093 (vorbis-tools) File : nvt/gb_mandriva_MDVSA_2008_093.nasl |
2009-04-09 | Name : Mandriva Update for speex MDVSA-2008:094 (speex) File : nvt/gb_mandriva_MDVSA_2008_094.nasl |
2009-04-09 | Name : Mandriva Update for xine-lib MDVSA-2008:124 (xine-lib) File : nvt/gb_mandriva_MDVSA_2008_124.nasl |
2009-03-23 | Name : Ubuntu Update for xine-lib vulnerabilities USN-635-1 File : nvt/gb_ubuntu_USN_635_1.nasl |
2009-03-23 | Name : Ubuntu Update for gst-plugins-good0.10 vulnerability USN-611-3 File : nvt/gb_ubuntu_USN_611_3.nasl |
2009-03-23 | Name : Ubuntu Update for vorbis-tools vulnerability USN-611-2 File : nvt/gb_ubuntu_USN_611_2.nasl |
2009-03-23 | Name : Ubuntu Update for speex vulnerability USN-611-1 File : nvt/gb_ubuntu_USN_611_1.nasl |
2009-03-06 | Name : RedHat Update for speex RHSA-2008:0235-01 File : nvt/gb_RHSA-2008_0235-01_speex.nasl |
2009-02-27 | Name : CentOS Update for speex CESA-2008:0235 centos4 i386 File : nvt/gb_CESA-2008_0235_speex_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for speex CESA-2008:0235 centos4 x86_64 File : nvt/gb_CESA-2008_0235_speex_centos4_x86_64.nasl |
2009-02-17 | Name : Fedora Update for libfishsound FEDORA-2008-3059 File : nvt/gb_fedora_2008_3059_libfishsound_fc8.nasl |
2009-02-17 | Name : Fedora Update for speex FEDORA-2008-3103 File : nvt/gb_fedora_2008_3103_speex_fc8.nasl |
2009-02-17 | Name : Fedora Update for libfishsound FEDORA-2008-3117 File : nvt/gb_fedora_2008_3117_libfishsound_fc7.nasl |
2009-02-17 | Name : Fedora Update for speex FEDORA-2008-3191 File : nvt/gb_fedora_2008_3191_speex_fc7.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200804-17 (speex) File : nvt/glsa_200804_17.nasl |
2008-09-04 | Name : FreeBSD Ports: vorbis-tools File : nvt/freebsd_vorbis-tools.nasl |
2008-09-04 | Name : FreeBSD Ports: libxine File : nvt/freebsd_libxine9.nasl |
2008-05-27 | Name : Debian Security Advisory DSA 1586-1 (xine-lib) File : nvt/deb_1586_1.nasl |
2008-05-27 | Name : Debian Security Advisory DSA 1584-1 (libfishsound) File : nvt/deb_1584_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-111-01 xine-lib File : nvt/esoft_slk_ssa_2008_111_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44143 | libfishsound Speex Decoder Header Structure Handling Arbitrary Code Execution |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0235.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080416_speex_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xine-devel-5304.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_vorbis-tools-5302.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-124.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-094.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2008-093.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-092.nasl - Type : ACT_GATHER_INFO |
2008-08-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-635-1.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_speex-5364.nasl - Type : ACT_GATHER_INFO |
2008-06-12 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gstreamer010-plugins-good-5185.nasl - Type : ACT_GATHER_INFO |
2008-06-12 | Name : The remote openSUSE host is missing a security update. File : suse_gstreamer010-plugins-good-5195.nasl - Type : ACT_GATHER_INFO |
2008-06-04 | Name : The remote openSUSE host is missing a security update. File : suse_vorbis-tools-5192.nasl - Type : ACT_GATHER_INFO |
2008-06-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_vorbis-tools-5193.nasl - Type : ACT_GATHER_INFO |
2008-05-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1586.nasl - Type : ACT_GATHER_INFO |
2008-05-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1585.nasl - Type : ACT_GATHER_INFO |
2008-05-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1584.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3117.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xine-devel-5205.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote openSUSE host is missing a security update. File : suse_xine-devel-5204.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_633716fa1f8f11ddb1430211d880e350.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-611-3.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-611-2.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-611-1.nasl - Type : ACT_GATHER_INFO |
2008-04-28 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_7a7c585310a311dd8eb800163e000016.nasl - Type : ACT_GATHER_INFO |
2008-04-25 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-111-01.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0235.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200804-17.nasl - Type : ACT_GATHER_INFO |
2008-04-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0235.nasl - Type : ACT_GATHER_INFO |
2008-04-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3059.nasl - Type : ACT_GATHER_INFO |
2008-04-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3103.nasl - Type : ACT_GATHER_INFO |
2008-04-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3191.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:05:05 |
|