Speex

speex

Vendor: Xiph • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-23904 1Xiph 1Speex Nov 21, 2024 Nov 10, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program.
CVE-2020-23903 2Fedoraproject Xiph 2Fedora Speex Nov 21, 2024 Nov 10, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.
CVE-2008-1686 2Xine Xiph 3Libfishsound SpeexXine Lib Apr 23, 2026 Apr 8, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products,...Show more Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.Show less