CVE-2008-1686
Published Apr 8, 2008
Last updated 6 years ago
Overview
- Description
- Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-189
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xine:xine-lib:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4432BC00-44D6-4ED9-B642-1BF8C81B6EAD",
"versionEndIncluding": "1.1.11.1"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:0.9.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEB839B0-408E-4D96-B576-D9300082B7A1"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:0.9.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DF7BC3F-20B1-461A-A799-8A77F3D8CC8E"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:0.99:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FEDBE74-5040-4E61-A34A-2BC36A2A129F"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8D402CB-4DED-4525-AF38-B5EC73C39E55"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A905719D-4520-4374-B3A7-55034728B85C"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2899EF34-824B-4893-8636-64A83EC5885B"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:1.0.3a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8EB8D295-B589-4E88-8FEE-DDD1591D9189"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAB10333-6C25-4359-BB3F-D76468170825"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2377493B-8CC0-414B-AA5F-B7777C852195"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:1.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AFC149FA-B916-4844-AD98-B7827116C803"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:1.1.10.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2BBF4E9-6090-4ED3-8A12-09396E660505"
},
{
"criteria": "cpe:2.3:a:xine:xine-lib:1.1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA642532-365F-4981-BA09-A56D3628271C"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xiph:speex:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C3B238B-BE7C-4912-A56A-95DE5051846E",
"versionEndIncluding": "1.1.12"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95BC5FA0-E710-42D4-8BF0-4D30BC44C833"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8789D167-6DF2-46B7-ABA2-717E141738BE"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B93DC9BF-7CA8-4729-9A3D-F1CB711E1D37"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F04629EA-2BE2-42D5-9AC7-DDC7AB1818FD"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3873FDB9-80A9-4968-B0DC-84201AE1C78C"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7339D59-8049-4172-BB68-134F9B50E896"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D762BB7-7A35-4D2A-9EC7-A328197F1EAB"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46825B5B-B8A2-4FEB-991D-F2AE174A8C3F"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D3BC3CC-07AA-445F-8913-E1FABC60C2AF"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9ACE9F82-E352-47C7-BA34-C97E4FB759FE"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CFF577A-41DB-49B8-BA00-00650DA10DF1"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9655A71E-C2E4-4003-BBA7-05BD29375621"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E545096-41AC-4DF0-92B4-747CC1F1FE0F"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08E27446-B68B-4213-9FD1-3C3A8941BA24"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A0B0BC2-C155-460B-A8CB-0CF0C04896BB"
},
{
"criteria": "cpe:2.3:a:xiph:speex:1.1.11.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1BA06646-FCDF-427D-84B1-99D8C6889CC7"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xiph:libfishsound:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68C981F1-832E-46A5-99CB-ECC3B46D21DD",
"versionEndIncluding": "0.9.0"
},
{
"criteria": "cpe:2.3:a:xiph:libfishsound:0.5.41:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE5D47C5-1171-4A95-82CC-DA965D893F7A"
},
{
"criteria": "cpe:2.3:a:xiph:libfishsound:0.5.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "585368E9-36BB-45F6-A427-AF8578AA9347"
},
{
"criteria": "cpe:2.3:a:xiph:libfishsound:0.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72C4DD65-8354-40DE-B05F-6742A67C8BCF"
},
{
"criteria": "cpe:2.3:a:xiph:libfishsound:0.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55901750-2FB5-4C4E-A1C9-8204D16FEBC1"
},
{
"criteria": "cpe:2.3:a:xiph:libfishsound:0.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "022A0430-895C-46EA-A0C6-BA7492443901"
},
{
"criteria": "cpe:2.3:a:xiph:libfishsound:0.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9CCA2B56-BB40-40AD-97F8-3AFCD2A66C1F"
},
{
"criteria": "cpe:2.3:a:xiph:libfishsound:0.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76C7D68C-FEA1-4DC6-9FC4-A32AF894472C"
},
{
"criteria": "cpe:2.3:a:xiph:libfishsound:0.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0B42ED6-243E-427D-86F3-46EEC0DF282D"
},
{
"criteria": "cpe:2.3:a:xiph:libfishsound:0.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30743A63-4AA4-4812-9026-04A8FC1308ED"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]