Array index vulnerability in Speex 1.1.12 and previous versions, as used in libfishsound 0.9.0 and previous versions, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib prior to 1.1.12, and many other products, allows remote malicious users to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xine xine-lib 1.1.10 |
||
xine xine-lib 1.1.1 |
||
xine xine-lib 0.9.8 |
||
xine xine-lib 0.9.13 |
||
xine xine-lib |
||
xine xine-lib 1.1.10.1 |
||
xine xine-lib 1.0 |
||
xine xine-lib 0.99 |
||
xine xine-lib 1.1.0 |
||
xine xine-lib 1.0.3a |
||
xine xine-lib 1.1.11 |
||
xine xine-lib 1.0.2 |
||
xine xine-lib 1.0.1 |
||
xiph speex 1.1.9 |
||
xiph speex 1.1.8 |
||
xiph speex 1.0.5 |
||
xiph speex 1.0.3 |
||
xiph speex 1.1.2 |
||
xiph speex 1.1.11 |
||
xiph speex 1.1.10 |
||
xiph speex 1.1.4 |
||
xiph speex 1.1.3 |
||
xiph speex 1.1.7 |
||
xiph speex 1.1.6 |
||
xiph speex 1.1.1 |
||
xiph speex 1.0.2 |
||
xiph speex |
||
xiph speex 1.1.11.1 |
||
xiph speex 1.0.4 |
||
xiph speex 1.1.5 |
||
xiph libfishsound 0.7.0 |
||
xiph libfishsound 0.6.3 |
||
xiph libfishsound 0.8.1 |
||
xiph libfishsound 0.8.0 |
||
xiph libfishsound 0.5.41 |
||
xiph libfishsound 0.6.2 |
||
xiph libfishsound 0.6.1 |
||
xiph libfishsound |
||
xiph libfishsound 0.6.0 |
||
xiph libfishsound 0.5.42 |