A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program.
Max CVSS
5.5
EPSS Score
0.07%
Published
2021-11-10
Updated
2024-03-21
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.
Max CVSS
5.5
EPSS Score
0.10%
Published
2021-11-10
Updated
2022-04-05
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
Max CVSS
9.3
EPSS Score
6.57%
Published
2008-04-08
Updated
2018-10-11
3 vulnerabilities found