Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-200804-17 Normal: Speex Code Execution Risk

gentoo
Calendar Grey April 17, 2008
Dist Gentoo Esm H88
Enhance your protection by utilizing Gentoo GLSA 200804-17, which tackles Speex vulnerabilities associated with insufficient input verification, safeguarding user data.
Improper input validation in Speex might lead to array indexing vulnerabilities in multiple player applications.

Summary

Gentoo Linux Security Advisory GLSA 200804-17 https://security.gentoo.org/ Severity: Normal Title: Speex: User-assisted execution of arbitrary code Date: April 17, 2008 Bugs: #217715 ID: 200804-17

Synopsis ======= Improper input validation in Speex might lead to array indexing vulnerabilities in multiple player applications.
Background ========= Speex is an audio compression format designed for speech that is free of patent restrictions.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/speex < 1.2_beta3_p2 >= 1.2_beta3_p2
========== oCERT reported that the Speex library does not properly validate the "mode" value it derives from Speex streams, allowing for ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo software update input validation arbitrary code normal severity media library

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo software update input validation arbitrary code normal severity media library

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here