fkie_cve-2008-1686
Vulnerability from fkie_nvd
Published
2008-04-08 18:05
Modified
2025-04-09 00:30
Severity ?
Summary
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
References
cve@mitre.orghttp://blog.kfish.org/2008/04/release-libfishsound-091.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html
cve@mitre.orghttp://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html
cve@mitre.orghttp://secunia.com/advisories/29672Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/29727Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/29835Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/29845Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/29854Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/29866Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/29878Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/29880Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/29881Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/29882Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/29898Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/30104Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/30117Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/30119Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/30337
cve@mitre.orghttp://secunia.com/advisories/30353Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/30358Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/30581Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/30717
cve@mitre.orghttp://secunia.com/advisories/31393Vendor Advisory
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200804-17.xml
cve@mitre.orghttp://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.460836
cve@mitre.orghttp://sourceforge.net/project/shownotes.php?release_id=592185
cve@mitre.orghttp://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
cve@mitre.orghttp://www.debian.org/security/2008/dsa-1584Patch
cve@mitre.orghttp://www.debian.org/security/2008/dsa-1585Patch
cve@mitre.orghttp://www.debian.org/security/2008/dsa-1586
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2008:092
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2008:093
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2008:094
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2008:124
cve@mitre.orghttp://www.metadecks.org/software/sweep/news.html
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2008_13_sr.html
cve@mitre.orghttp://www.ocert.org/advisories/ocert-2008-004.html
cve@mitre.orghttp://www.ocert.org/advisories/ocert-2008-2.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2008-0235.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/491009/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/28665Patch
cve@mitre.orghttp://www.securitytracker.com/id?1019875
cve@mitre.orghttp://www.ubuntu.com/usn/usn-611-1
cve@mitre.orghttp://www.ubuntu.com/usn/usn-611-2
cve@mitre.orghttp://www.ubuntu.com/usn/usn-611-3
cve@mitre.orghttp://www.ubuntu.com/usn/usn-635-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1187/references
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1228/references
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1268/references
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1269/references
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1300/references
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1301/references
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1302/references
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/41684
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10026
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2008-April/msg00244.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2008-April/msg00287.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2008-April/msg00357.html
af854a3a-2127-422b-91ae-364da2661108http://blog.kfish.org/2008/04/release-libfishsound-091.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29672Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29727Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29835Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29845Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29854Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29866Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29878Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29880Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29881Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29882Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29898Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30104Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30117Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30119Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30337
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30353Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30358Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30581Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30717
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31393Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200804-17.xml
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.460836
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/project/shownotes.php?release_id=592185
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1584Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1585Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1586
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:092
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:093
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:094
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:124
af854a3a-2127-422b-91ae-364da2661108http://www.metadecks.org/software/sweep/news.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2008_13_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.ocert.org/advisories/ocert-2008-004.html
af854a3a-2127-422b-91ae-364da2661108http://www.ocert.org/advisories/ocert-2008-2.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0235.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/491009/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28665Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1019875
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-611-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-611-2
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-611-3
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-635-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1187/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1228/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1268/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1269/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1300/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1301/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1302/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/41684
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10026
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00244.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00287.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00357.html
Impacted products
Vendor Product Version
xine xine-lib *
xine xine-lib 0.9.8
xine xine-lib 0.9.13
xine xine-lib 0.99
xine xine-lib 1.0
xine xine-lib 1.0.1
xine xine-lib 1.0.2
xine xine-lib 1.0.3a
xine xine-lib 1.1.0
xine xine-lib 1.1.1
xine xine-lib 1.1.10
xine xine-lib 1.1.10.1
xine xine-lib 1.1.11
xiph speex *
xiph speex 1.0.2
xiph speex 1.0.3
xiph speex 1.0.4
xiph speex 1.0.5
xiph speex 1.1.1
xiph speex 1.1.2
xiph speex 1.1.3
xiph speex 1.1.4
xiph speex 1.1.5
xiph speex 1.1.6
xiph speex 1.1.7
xiph speex 1.1.8
xiph speex 1.1.9
xiph speex 1.1.10
xiph speex 1.1.11
xiph speex 1.1.11.1
xiph libfishsound *
xiph libfishsound 0.5.41
xiph libfishsound 0.5.42
xiph libfishsound 0.6.0
xiph libfishsound 0.6.1
xiph libfishsound 0.6.2
xiph libfishsound 0.6.3
xiph libfishsound 0.7.0
xiph libfishsound 0.8.0
xiph libfishsound 0.8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4432BC00-44D6-4ED9-B642-1BF8C81B6EAD",
              "versionEndIncluding": "1.1.11.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:0.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEB839B0-408E-4D96-B576-D9300082B7A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:0.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF7BC3F-20B1-461A-A799-8A77F3D8CC8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:0.99:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FEDBE74-5040-4E61-A34A-2BC36A2A129F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8D402CB-4DED-4525-AF38-B5EC73C39E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A905719D-4520-4374-B3A7-55034728B85C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2899EF34-824B-4893-8636-64A83EC5885B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.0.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EB8D295-B589-4E88-8FEE-DDD1591D9189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAB10333-6C25-4359-BB3F-D76468170825",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2377493B-8CC0-414B-AA5F-B7777C852195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFC149FA-B916-4844-AD98-B7827116C803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2BBF4E9-6090-4ED3-8A12-09396E660505",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA642532-365F-4981-BA09-A56D3628271C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xiph:speex:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C3B238B-BE7C-4912-A56A-95DE5051846E",
              "versionEndIncluding": "1.1.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "95BC5FA0-E710-42D4-8BF0-4D30BC44C833",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8789D167-6DF2-46B7-ABA2-717E141738BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B93DC9BF-7CA8-4729-9A3D-F1CB711E1D37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F04629EA-2BE2-42D5-9AC7-DDC7AB1818FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3873FDB9-80A9-4968-B0DC-84201AE1C78C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7339D59-8049-4172-BB68-134F9B50E896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D762BB7-7A35-4D2A-9EC7-A328197F1EAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46825B5B-B8A2-4FEB-991D-F2AE174A8C3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D3BC3CC-07AA-445F-8913-E1FABC60C2AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ACE9F82-E352-47C7-BA34-C97E4FB759FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF577A-41DB-49B8-BA00-00650DA10DF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9655A71E-C2E4-4003-BBA7-05BD29375621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E545096-41AC-4DF0-92B4-747CC1F1FE0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E27446-B68B-4213-9FD1-3C3A8941BA24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A0B0BC2-C155-460B-A8CB-0CF0C04896BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:speex:1.1.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BA06646-FCDF-427D-84B1-99D8C6889CC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xiph:libfishsound:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C981F1-832E-46A5-99CB-ECC3B46D21DD",
              "versionEndIncluding": "0.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:libfishsound:0.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE5D47C5-1171-4A95-82CC-DA965D893F7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:libfishsound:0.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "585368E9-36BB-45F6-A427-AF8578AA9347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:libfishsound:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "72C4DD65-8354-40DE-B05F-6742A67C8BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:libfishsound:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55901750-2FB5-4C4E-A1C9-8204D16FEBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:libfishsound:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "022A0430-895C-46EA-A0C6-BA7492443901",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:libfishsound:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CCA2B56-BB40-40AD-97F8-3AFCD2A66C1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:libfishsound:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C7D68C-FEA1-4DC6-9FC4-A32AF894472C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:libfishsound:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0B42ED6-243E-427D-86F3-46EEC0DF282D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xiph:libfishsound:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30743A63-4AA4-4812-9026-04A8FC1308ED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de \u00edndice de matriz en Speex versi\u00f3n 1.1.12 y anteriores, tal y como es usado en libfishsound versi\u00f3n 0.9.0 y anteriores, incluyendo Illiminable DirectShow Filters y Annodex Plugins para Firefox, xine-lib versiones anteriores a 1.1.12, y muchos otros productos, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una estructura de encabezado que contiene un desplazamiento negativo, que se utiliza para desreferenciar un puntero de funci\u00f3n."
    }
  ],
  "id": "CVE-2008-1686",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-04-08T18:05:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://blog.kfish.org/2008/04/release-libfishsound-091.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29672"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29727"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29835"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29845"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29854"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29866"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29878"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29880"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29881"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29882"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29898"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30104"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30117"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30119"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/30337"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30353"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30358"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30581"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/30717"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31393"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200804-17.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.460836"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=592185"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=592185\u0026group_id=9655"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1584"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1585"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2008/dsa-1586"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:092"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:093"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:094"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:124"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.metadecks.org/software/sweep/news.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ocert.org/advisories/ocert-2008-004.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ocert.org/advisories/ocert-2008-2.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0235.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/491009/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28665"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1019875"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-611-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-611-2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-611-3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-635-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1187/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1228/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1268/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1269/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1300/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1301/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1302/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41684"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10026"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00244.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00287.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00357.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blog.kfish.org/2008/04/release-libfishsound-091.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29672"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29727"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29835"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29854"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29866"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29880"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29881"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30117"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30337"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30353"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30358"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30717"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31393"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200804-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.460836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=592185"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=592185\u0026group_id=9655"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1584"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1585"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:092"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:093"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:094"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:124"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.metadecks.org/software/sweep/news.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ocert.org/advisories/ocert-2008-004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ocert.org/advisories/ocert-2008-2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0235.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/491009/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28665"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-611-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-611-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-611-3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-635-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1187/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1228/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1268/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1269/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1300/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1301/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1302/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41684"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00244.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00287.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00357.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.