FreeBSD : vorbis-tools -- Speex header processing vulnerability (633716fa-1f8f-11dd-b143-0211d880e350)

This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Secunia reports :

A vulnerability has been reported in vorbis-tools, which can
potentially be exploited by malicious people to compromise a user's

The vulnerability is caused due to an input validation error when
processing Speex headers, which can be exploited via a specially
crafted Speex stream containing a negative 'modeID' field in the

Successful exploitation may allow execution of arbitrary code.

See also :

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 9.3

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 32299 (freebsd_pkg_633716fa1f8f11ddb1430211d880e350.nasl)

Bugtraq ID:

CVE ID: CVE-2008-1686

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now