Mandriva Linux Security Advisory : gstreamer-plugins-good (MDVSA-2008:092)
High Nessus Plugin ID 36584
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library (CVE-2008-1686).
The speex plugin in the gstreamer-plugins-good package is similarly affected by this issue.
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.