FishSound Library Remote Speex Decoding Code Execution Vulnerability

FishSound Library Remote Speex Decoding Code Execution Vulnerability

References:

[Speex-dev] libfishsound 0.9.1 Release (Conrad Parker)
Annodex Plugins for Firefox Project Page (CSIRO)
Directshow Filters for Ogg Vorbis, Speex, Theora and FLAC Project Page (illiminable)
FishSound Project Page (CSIRO)
GStreamer Good Plug-ins Home Page (freedesktop.org)
Release Name: 1.1.12 (xine)
SDL_sound Home Page (SDL)
Speex: A Free Codec For Free Speech (Xiph.org)
Sweep Home Page (Conrad Parker)
Vendor Home Page (xine)
VLC Homepage (VideoLAN)
[oCERT-2008-004] multiple speex implementations insufficient boundary checks (Andrea Barisani )
#2008-002 libfishsound insufficient boundary checks (oCERT)
#2008-004 multiple speex implementations insufficient boundary checks (oCERT)
RHSA-2008:0235-4 - Important: speex security update (Red Hat)

Privacy Statement
Copyright 2010, SecurityFocus