mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
348 lines
12 KiB
JSON
348 lines
12 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2008-1686",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "20080417 [oCERT-2008-004] multiple speex implementations insufficientboundary checks",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://www.securityfocus.com/archive/1/491009/100/0/threaded"
|
|
},
|
|
{
|
|
"name" : "[Speex-dev] 20080406 libfishsound 0.9.1 Release",
|
|
"refsource" : "MLIST",
|
|
"url" : "http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html"
|
|
},
|
|
{
|
|
"name" : "http://www.ocert.org/advisories/ocert-2008-2.html",
|
|
"refsource" : "MISC",
|
|
"url" : "http://www.ocert.org/advisories/ocert-2008-2.html"
|
|
},
|
|
{
|
|
"name" : "http://www.ocert.org/advisories/ocert-2008-004.html",
|
|
"refsource" : "MISC",
|
|
"url" : "http://www.ocert.org/advisories/ocert-2008-004.html"
|
|
},
|
|
{
|
|
"name" : "http://blog.kfish.org/2008/04/release-libfishsound-091.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://blog.kfish.org/2008/04/release-libfishsound-091.html"
|
|
},
|
|
{
|
|
"name" : "http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655"
|
|
},
|
|
{
|
|
"name" : "http://sourceforge.net/project/shownotes.php?release_id=592185",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://sourceforge.net/project/shownotes.php?release_id=592185"
|
|
},
|
|
{
|
|
"name" : "http://www.metadecks.org/software/sweep/news.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.metadecks.org/software/sweep/news.html"
|
|
},
|
|
{
|
|
"name" : "DSA-1584",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2008/dsa-1584"
|
|
},
|
|
{
|
|
"name" : "DSA-1585",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2008/dsa-1585"
|
|
},
|
|
{
|
|
"name" : "DSA-1586",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2008/dsa-1586"
|
|
},
|
|
{
|
|
"name" : "FEDORA-2008-3059",
|
|
"refsource" : "FEDORA",
|
|
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00244.html"
|
|
},
|
|
{
|
|
"name" : "FEDORA-2008-3103",
|
|
"refsource" : "FEDORA",
|
|
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00287.html"
|
|
},
|
|
{
|
|
"name" : "FEDORA-2008-3191",
|
|
"refsource" : "FEDORA",
|
|
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00357.html"
|
|
},
|
|
{
|
|
"name" : "GLSA-200804-17",
|
|
"refsource" : "GENTOO",
|
|
"url" : "http://security.gentoo.org/glsa/glsa-200804-17.xml"
|
|
},
|
|
{
|
|
"name" : "MDVSA-2008:092",
|
|
"refsource" : "MANDRIVA",
|
|
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:092"
|
|
},
|
|
{
|
|
"name" : "MDVSA-2008:093",
|
|
"refsource" : "MANDRIVA",
|
|
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:093"
|
|
},
|
|
{
|
|
"name" : "MDVSA-2008:094",
|
|
"refsource" : "MANDRIVA",
|
|
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:094"
|
|
},
|
|
{
|
|
"name" : "MDVSA-2008:124",
|
|
"refsource" : "MANDRIVA",
|
|
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:124"
|
|
},
|
|
{
|
|
"name" : "RHSA-2008:0235",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0235.html"
|
|
},
|
|
{
|
|
"name" : "SSA:2008-111-01",
|
|
"refsource" : "SLACKWARE",
|
|
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.460836"
|
|
},
|
|
{
|
|
"name" : "SUSE-SR:2008:012",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html"
|
|
},
|
|
{
|
|
"name" : "SUSE-SR:2008:013",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
|
|
},
|
|
{
|
|
"name" : "USN-611-1",
|
|
"refsource" : "UBUNTU",
|
|
"url" : "http://www.ubuntu.com/usn/usn-611-1"
|
|
},
|
|
{
|
|
"name" : "USN-611-2",
|
|
"refsource" : "UBUNTU",
|
|
"url" : "http://www.ubuntu.com/usn/usn-611-2"
|
|
},
|
|
{
|
|
"name" : "USN-611-3",
|
|
"refsource" : "UBUNTU",
|
|
"url" : "http://www.ubuntu.com/usn/usn-611-3"
|
|
},
|
|
{
|
|
"name" : "USN-635-1",
|
|
"refsource" : "UBUNTU",
|
|
"url" : "http://www.ubuntu.com/usn/usn-635-1"
|
|
},
|
|
{
|
|
"name" : "28665",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/28665"
|
|
},
|
|
{
|
|
"name" : "oval:org.mitre.oval:def:10026",
|
|
"refsource" : "OVAL",
|
|
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10026"
|
|
},
|
|
{
|
|
"name" : "30337",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/30337"
|
|
},
|
|
{
|
|
"name" : "ADV-2008-1187",
|
|
"refsource" : "VUPEN",
|
|
"url" : "http://www.vupen.com/english/advisories/2008/1187/references"
|
|
},
|
|
{
|
|
"name" : "ADV-2008-1228",
|
|
"refsource" : "VUPEN",
|
|
"url" : "http://www.vupen.com/english/advisories/2008/1228/references"
|
|
},
|
|
{
|
|
"name" : "ADV-2008-1300",
|
|
"refsource" : "VUPEN",
|
|
"url" : "http://www.vupen.com/english/advisories/2008/1300/references"
|
|
},
|
|
{
|
|
"name" : "ADV-2008-1301",
|
|
"refsource" : "VUPEN",
|
|
"url" : "http://www.vupen.com/english/advisories/2008/1301/references"
|
|
},
|
|
{
|
|
"name" : "ADV-2008-1302",
|
|
"refsource" : "VUPEN",
|
|
"url" : "http://www.vupen.com/english/advisories/2008/1302/references"
|
|
},
|
|
{
|
|
"name" : "ADV-2008-1268",
|
|
"refsource" : "VUPEN",
|
|
"url" : "http://www.vupen.com/english/advisories/2008/1268/references"
|
|
},
|
|
{
|
|
"name" : "ADV-2008-1269",
|
|
"refsource" : "VUPEN",
|
|
"url" : "http://www.vupen.com/english/advisories/2008/1269/references"
|
|
},
|
|
{
|
|
"name" : "1019875",
|
|
"refsource" : "SECTRACK",
|
|
"url" : "http://www.securitytracker.com/id?1019875"
|
|
},
|
|
{
|
|
"name" : "29727",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29727"
|
|
},
|
|
{
|
|
"name" : "29672",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29672"
|
|
},
|
|
{
|
|
"name" : "29835",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29835"
|
|
},
|
|
{
|
|
"name" : "29845",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29845"
|
|
},
|
|
{
|
|
"name" : "29854",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29854"
|
|
},
|
|
{
|
|
"name" : "29866",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29866"
|
|
},
|
|
{
|
|
"name" : "29878",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29878"
|
|
},
|
|
{
|
|
"name" : "29880",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29880"
|
|
},
|
|
{
|
|
"name" : "29881",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29881"
|
|
},
|
|
{
|
|
"name" : "29882",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29882"
|
|
},
|
|
{
|
|
"name" : "29898",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/29898"
|
|
},
|
|
{
|
|
"name" : "30104",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/30104"
|
|
},
|
|
{
|
|
"name" : "30117",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/30117"
|
|
},
|
|
{
|
|
"name" : "30119",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/30119"
|
|
},
|
|
{
|
|
"name" : "30353",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/30353"
|
|
},
|
|
{
|
|
"name" : "30358",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/30358"
|
|
},
|
|
{
|
|
"name" : "30581",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/30581"
|
|
},
|
|
{
|
|
"name" : "30717",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/30717"
|
|
},
|
|
{
|
|
"name" : "31393",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/31393"
|
|
},
|
|
{
|
|
"name" : "fishsound-libfishsound-speex-bo(41684)",
|
|
"refsource" : "XF",
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41684"
|
|
}
|
|
]
|
|
}
|
|
}
|