Scientific Linux Security Update : speex on SL4.x, SL5.x i386/x86_64
High Nessus Plugin ID 60386
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionThe Speex library was found to not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or, possibly, allow arbitrary code execution with the privileges of the application calling the Speex library. (CVE-2008-1686)
SolutionUpdate the affected speex and / or speex-devel packages.