RSS   Vulnerabilities for 'Speex'   RSS

2021-11-10
 
CVE-2020-23903

CWE-369
 

 
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.

 
 
CVE-2020-23904

CWE-787
 

 
A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.

 
2008-04-08
 
CVE-2008-1686

CWE-189
 

 
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.

 

 >>> Vendor: XIPH 5 Products
Icecast
Libvorbis
Libfishsound
Speex
Vorbis-tools


Copyright 2024, cxsecurity.com

 

Back to Top