Summary
Ubuntu Update for Linux kernel vulnerabilities USN-611-1
Solution
Please Install the Updated Packages.
Insight
It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program.
Affected
speex vulnerability on Ubuntu 6.06 LTS ,
Ubuntu 7.04 ,
Ubuntu 7.10 ,
Ubuntu 8.04 LTS
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-1686 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities