DescriptionArray index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
- SUSE-SR:2008:012, published Fri, 06 Jun 2008 16:00:00 +0000
- SUSE-SR:2008:013, published Fri, 13 Jun 2008 17:00:00 +0000